nanog mailing list archives
Blocking Win95 hosts [WAS: Lazy network operators - NOT]
From: Patrick W.Gilmore <patrick () ianai net>
Date: Mon, 19 Apr 2004 00:03:29 -0400
On Apr 18, 2004, at 11:40 PM, Matt Hess wrote:
<late-night-humor>I was amused at this and decided to look real quick.. OpenBSD's pf can block on OS fingerprints.. effectively doing exactly what you are kidding about (at least I'd hope so.. well, maybe) even in the man page example they put:# Do not allow Windows 9x SMTP connections since they are typically# a viral worm. Alternately we could limit these OSes to 1 connection each. block in on $ext_if proto tcp from any os {"Windows 95", "Windows 98"} \to any port smtp The OS fingerprint list they have is rather extensive.. </late-night-humor>
Ya know, I do not think that is such a bad idea.Does anyone have any stats on the number of "real" MTAs that use Win9x? Or of the "real" MTAs that show up as Win9x on this fingerprint?
-- TTFN, patrick
Current thread:
- Re: Lazy network operators - NOT, (continued)
- Re: Lazy network operators - NOT Valdis . Kletnieks (Apr 19)
- Re: Lazy network operators - NOT Paul Vixie (Apr 18)
- Re: Lazy network operators - NOT Iljitsch van Beijnum (Apr 18)
- Re: Lazy network operators - NOT Paul Vixie (Apr 18)
- Re: Lazy network operators - NOT Steven Champeon (Apr 20)
- Re: Lazy network operators - NOT Rik van Riel (Apr 28)
- Re: Lazy network operators - NOT Paul Jakma (Apr 18)
- Re: Lazy network operators - NOT Mike Jezierski - BOFH (Apr 18)
- Re: Lazy network operators - NOT Matt Hess (Apr 18)
- Re: Lazy network operators - NOT Mike Jezierski - BOFH (Apr 18)
- Blocking Win95 hosts [WAS: Lazy network operators - NOT] Patrick W . Gilmore (Apr 18)
- Re: Blocking Win95 hosts [WAS: Lazy network operators - NOT] Matt Hess (Apr 18)
- Fingerprints (was Re: Lazy network operators - NOT) Sean Donelan (Apr 19)
- Re: Lazy network operators - NOT Petri Helenius (Apr 18)
- Re: Lazy network operators - NOT Paul Vixie (Apr 18)
- Re: Lazy network operators - NOT Jerry Eyers (Apr 18)
- Re: Lazy network operators - NOT Lou Katz (Apr 18)
- Re: Lazy network operators - NOT Rodney Joffe (Apr 18)
- Re: Lazy network operators - NOT Doug White (Apr 18)
- Re: Lazy network operators - NOT Sean Donelan (Apr 18)
- Re: Lazy network operators - NOT Doug White (Apr 18)