Re: [gnso-ff-pdp-may08] Definition V4.2: concern about "consumer-grade"

[Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>]

Mike mentioned: 

#a fella finishes up a phone call, breaks for lunch, is just drifting 
#off for the Afternoon Nap when a fistfight breaks out on the list.

Can it be a fistfight if the target doesn't notice? :-; I grew up
arguing politics over the dinner table as a kid, so things would need 
to get substantially more pointed for there to be an issue from my
point of view. Passion about a topic doesn't bother me. :-)

But thanks for wielding the gavel nonetheless, Mike. :-)

All that aside, Eric mentioned:

>is this for my benefit joe, or are you just spouting off?

I usually just spout off. :-) Call me the great white whale. :-)

>if it is for my benefit, then you have to be addressing the 
>assertion, mine, that autonomous system is less determinitive of 
>risk than whether the network attached device is a microsoft 
>operating system product, and therefore a poor substitute, if the 
>root cause is not to be ignored.

The fundamental problem is that at least in some jurisdictions
(such as North Dakota, and arguably in Oregon as well), one is 
apparently not at liberty to do things like nmap random boxes in 
an effort to determine the operating system that may be in use. 
(An interesting sidebar would be, "Does it matter if the remote
system of interest attempted to connect to one of your hosts, and
you merely attempt to ascertain the operating system as part of
a 'reactive scan' as part of the process of establishing (or
not establishing) that connection")

If you're aware of some way that the Internet as a whole can passively 
and reliably determine a host's operating system *without* actively 
scanning it, I'd sure love to hear about it. :-) As it is, most folks 
simply assume that the market-dominant-player-OS is what's connecting to 
them by default, simply because as a matter of market share, that's usually 
a pretty good assumption.

Of course, that removes OS from the discriminant function, if it becomes
a presumed/non-determinable subject characteristic. 

>reputation has been discussed more than once on nanog, which i know 
>even if you don't.

If subscribing to NANOG, or attending NANOG, or having your site host
NANOG is a badge of honor, I think I'm covered (UO co-hosted NANOG 16 
and NANOG 26 in Eugene, for example)

Now I must admit that my NANOG-related killfile *has* grown over the years, 
but, well, now that's just the way NANOG can be sometimes, now isn't it? :-;

However, when it comes to reputation issues, since the topic of spam (in
particular) is VERY off topic for NANOG, I tend to look more to folks
such as my friends at Senderbase (nee Ironport nee Cisco), or Meng Weng 
Wong's Karmasphere (you can have some fun testing various IPs, domains,
or URLs against the 398 data sources Karmasphere currently tracks :-))

>hold the "regards", i prefer real ones over what's available.

Believe it or not, I actually *do* have high regards for everyone who's
taking the time to work on/talk about the fastflux issue. The community
is small, I try to be friendly with pretty much everyone except blackhats
(and I don't think anyone remotely connected with this work falls in that
category, except the fastfluxers themselves), and I was also raised to 
be polite, so, well, whatever. :-)

Regards (and I *DO* mean it),

Joe

Disclaimer: all opinions strictly my own.