[69693] in North American Network Operators' Group
Re: Lazy network operators - NOT
daemon@ATHENA.MIT.EDU (Matt Hess)
Sun Apr 18 23:44:45 2004
Date: Sun, 18 Apr 2004 21:40:32 -0600
From: Matt Hess <mhess@solarius.org>
To: nanog@merit.edu
In-Reply-To: <a06020417bca7f3fe48b6@[192.168.102.100]>
Errors-To: owner-nanog-outgoing@merit.edu
<late-night-humor>
I was amused at this and decided to look real quick.. OpenBSD's pf can
block on OS fingerprints.. effectively doing exactly what you are
kidding about (at least I'd hope so.. well, maybe) even in the man page
example they put:
# Do not allow Windows 9x SMTP connections since they are typically
# a viral worm. Alternately we could limit these OSes to 1 connection each.
block in on $ext_if proto tcp from any os {"Windows 95", "Windows 98"} \
to any port smtp
The OS fingerprint list they have is rather extensive..
</late-night-humor>
:)
Mike Jezierski - BOFH wrote:
{sniped}
> the damned operating system Micro$haft. If there was a blackhole list to
> block all Windows lUsers it would be more effective - granted that would
> also reduce email down to about 10% of the computing population.
>
> No zombies on my Macintosh regards.....
>
