dns interceptors
Steven Bellovin
smb at cs.columbia.edu
Sun Feb 14 23:59:56 UTC 2010
On Feb 14, 2010, at 6:54 PM, Mark Andrews wrote:
>
> In message <alpine.GSO.2.00.1002141746410.9929 at clifden.donelan.com>, Sean Donel
> an writes:
>> On Sun, 14 Feb 2010, Randy Bush wrote:
>>>> ssh tunnels to IP address
>>> i am often on funky networks in funky places. e.g. the wireless in
>>> changi really sucked friday night. if i ssh tunneled, it would multiply
>>> the suckiness as tcp would have puked at the loss rate.
>>> smb whacked me that i should use non-tcp tunnels.
>>
>> Their network, their rules; your network, your rules; my network, my
>> rules.
>
> There is also "truth in advertising" laws. If they advertise
> "Internet" access then you should get the "Internet" not a cut down /
> filtered version.
Yes -- and as a reward for your expertise, you get to explain the problem with a transparent DNS proxy to the judge. For bonus points, explain it to a jury....
--Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list