> you shouldn't allow unrestricted access to the network from unmanaged > hosts, that's a recipe for disaster. no, what's a disaster is to use source IP addresses or port numbers as an indication of trustworthiness on any network that extends beyond a single room. the notion that you can "manage" significant numbers of hosts to ensure their trustworthiness is delusional. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf