Hi, Sylvain. Thank you for all the follow-up documentation. I definitely agree that using the *_ANY option allows for downgrade attacks and makes security weak/non-existent. But that's the trouble with having to support legacy while also trying to push ahead, isn't it?
> It was enough for what I needed though, this is why I added it, I only wanted > to prevent anyone from sending valid command packets to our equipment just by > knowing its IP address. If someone breaks encryption and send the packet which > we avoided being received, then we will "Actually, I'm not even mad, that's > amazing" [5] :-) That's the same reason I'd like to use it -- and the same "kudos to you for hacking in". I'm more interested in preventing the casual "hacker", rather than trying to prevent the next infrstructure take-down. :-) -- G --------------------------------------------------------------------------------------- This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ---------------------------------------------------------------------------------------
_______________________________________________ lwip-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/lwip-users
