Return to tldapps Forum - Message Thread - FAQ

Username: Gregory W. Krajewski
Date/Time: Wed, October 25, 2000 at 5:56 AM GMT
Browser: Microsoft Internet Explorer V5.01 using Windows 98
Score: 5
Subject: I encourage everyone to read IOD's application - I would like to know what others are thinking!! I

Message:
 

 
The very thing I was interested in when I first looked at IOD's application (which by the way was posted to their website and open to the public before anyone else--Spirit of Openness) was their security plan.  Without getting into detail and "techie", I can assure you most "hackers" would agree that IOD's security plan is top notch.  Although I AM DEFINTITELY not a "hacker"--(unless were talking golf), I am nonetheless intrigued with how network and computer systems work and so I have read "their" (hacker community) literature (not illegal), specifically "2600" which in it spoke recently of "port filtering"--(which is what IOD uses) in a positive light ---Not all hackers are bad ....it's actually hackers turned consultants that have been in demand as of late by Fortune 500 companies to tell them what their weaknesses are---who would know better than people who have hacked into systems before to tell them if they have the proper security in place...which leads to another story---No system is unpentratable--None...it's how you filter your system that does the trick, along with secure systems behind the filters--IOD has that, again..TOP NOTCH!!!)...

(See below--portion of their application with regards to port filtering)

(From IOD's Application): 

Basic port filtering, performed by the routers, load-balancing switches, or other specifically-tasked intermediary devices, is a useful part of a security plan inasmuch as it simplifies things. The port filtering acts as a winnowing step that dramatically cuts back on what traffic must then be carefully contained and controlled. This reduces burden because it provides focus on exactly what traffic is actually required between any given points on the network. No noise allows us to see problems and guard against them pro-actively

The best approach to port filtering is a "deny all, allow specified" policy. That is, all traffic is denied unless it is explicitly allowed. With such a policy in place, we can be absolutely sure that the only traffic coming through any given, filtered point in the network is that which we specifically allowed.

An addition to port filtering, source filtering, further ensures that traffic is constrained to specific machines. Case in point, the data path between the front-end servers and back-end database servers is limited to only those clusters to prevent outside direct access to the database servers.

Filtering, though, is but the first line of defense in any given stage of the traffic flow. Behind the "open" ports must be hardened systems that themselves are resistant to attack. >>>>>>>>>>>>>


Again, I ENCOURAGE EVERYONE TO TAKE A LOOK AT IOD's APPLICATION.... what do you like?  For me it was their security plan hands down.. (as a consumer point of view as well as an interested person with respect to how security should be handled at the registry level)

What part do you like?  Did you know that IOD will provide more competition than any other prospective dot web TLD applicant?  If you can refute this post underneath your evidence to the contrary..!  Serious debate needs to happen...before Marina Del Ray.....Also if you dislike something in the applications or have suggestions point these out and this would also create meaning dialogue or clear up any misunderstandings....Speak now or forever ....you no the rest of the story...

Thanks!


Gregory W. Krajewski
Dot Web/IOD Supporter
gkrajews@mato.com
      
     

 

Link: IOD's application, "On it's own merit"


Message Thread:


Privacy Policy | Terms of Service | Cookies Policy