Posted on 09/25/2004 8:46:25 AM PDT by John Robertson
I've used a few firewalls, hardware and software, and wish there were some way to selectively enable/disable ICMP/PING. To be sure, leaving it on when there's no need for it may not be a good thing (though not nearly as bad as Steve suggests) but there are times when it is genuinely useful for diagnosing networking problems.
BTW, on a related note, one idea which I've been thinking might be somewhat interesting (though probably not of quite enough use to be practical) would be a DOS-resistant TCP document server for a small collection (up to 256) of static documents.
The server would do nothing except in responce to a TCP packet on the configured port.
All packets received except SYN packets would produce return packets whose headers were identical to those received except for swapping source/destination IP and port addresses.
The response to a SYN packet would be a SYN+ACK packet whose ack number was equal to the received sequence number, plus one [the transmitted sequence number would be equal to the received one].
For packets containng 'n' bytes of data, the first byte of data would be examined and used to select a data file. The received sequence number (which would also be the transmitted sequence number) would be taken, modulo the size of the data file. The reply packet would contain 'n' bytes of data from the file, starting at the specified location unless the received sequence number was within an incomplete 'last copy' of the file, in which case it would send out a 'garbage indicator' pattern.
The data file should not contain any FF's within the data proper (code-escaping makes that a trivial requirement), but should start with an FF-preceded header which would state the file size. To receive data file 'n', simply telnet to the appropriate port and start sending character byte 'n'. Grab the received data, watching for an FF followed by a header. If you get a stream of FF's before the header, toss them out. Once the header has been grabbed, grab the appropriate number of bytes after it [size of file minus the number of non-FF bytes received before the header] and assemble the file.
In some ways this would be less efficient than some other TCP protocols, but would have two big benefits:
Most hardware firewalls can toggle ICMP/PING with just a few clicks.
It's my understanding that the bank doesn't have to reimburse on a debit card at all.
At least with a real credit card you are only liable for $50.
I had a phony charge of $104. on my credit card a month ago.( from a video game outfit, at least that was on the bill) Called the credit card co., they sent me a form and credited my acct.
BTW, I don't own a debit card, though the bank trys to push one on me.
Is the lock supposed to be closed at all times, or is it (as I assume) only locked when conducting monetary business online?
Mine is open now, indicating "You are browsing an ordinary website".
I would "assume" that it would be locked when conducting transactions, to insure such are "secure" operations..
But then, the question arises, what if a transaction or transactional information is being conducted / transfered / acquired without your knowledge, on a supposedly ordinary website?
That's what all those backdoor viruses, spy-ware / ad-ware proggies, etc. are all about.. getting that info, or otherwise accessing your computer for information on your bank accounts, credit cards, etc..
Seems to me it is better to be x-tremely paranoid, and make sure it is closed at all times..
Check your browser's help files on what the lock does in your particular browser, and act accordingly..
Then make sure you don't have any "sensitive" information stored on your computer..
No matter how "convenient" it is..
From what I've read in the "literature", online purchasing is no more dangerous than handing your credit card to a store employee for a purchase.. maybe even less so..
But it's always wise to be cautious when handing someone the means of access to your bank account..
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.