drewk wrote:
Heard an interview with a guy from SANS on the radio recently. He said that currently any computer on the Internet can directly address any other computer on the Internet.
If you construe the phrase "on the Internet" to mean "possesses a valid routable IP address and accepts forwarded packets of some type", then the above is true in a strictly tautological sense. That is, it's true by definition, but doesn't actually convey any informational content.
He said that for security reasons, that would have to be changed, the same way the phone system was re-engineered 15 years ago.
The pronouncement is simplistic, useless, and fatuous. But hey, it's from the SANS Institute, so that's what one expects.
What is the phone system doing to segment the network that IP doesn't already support?
Nada. Rein du tout. It's all frames over an ATM backbone.
These are not the semantic contents we're looking for. You can go about your business. Move along.
Rick Moen
rick@linuxmafia.com