Subj : binkd and mystic and secure sessions
To   : Allen Prunty
From : mark lewis
Date : Thu Dec 15 2016 05:04 am


15 Dec 16 01:53, you wrote to me:

AP>>>> The domain must match exactly case sensative.

TL>>> Agree, domains must match.

ML>> i can't say that i've seen binkd have a problem with case sensitivity
ML>> but it is possible, i suppose...

ML>> that brings another question, though... what about aliases? are they
ML>> also case sensitive if domains are??

AP> Yes... anything put in mystic needs to match pretty much exactly or mystic
AP> may (or may not as more likely) choose to use it.  Quite frankly I think
AP> this is a good security measure.

we're talking about binkd's alias options for domains ;)

it is not a security measure, either... case sensitivity on domains is shit
whether it is FTN domains, novel netware domains, NETBIOS/NETBUEI domains, or
internet domains...

AP> But mystic does tend to break traditions by making them case
AP> sensative.

attention to detail... it should not be case sensitive on domains...

AP> One other thing that helped with connection refusal is ticking the
AP> setting when node x:xxx/xxx polls in don't present any AKAs but the
AP> one they are connecting to.  This seemed to make it behave a bit more
AP> too.

that option helps in some cases... i requested it be added because stats were
wrong... i was polling a system in an othernet supposedly with my othernet
address but that other system's stats were logging everything with my main
address which was not in that othernet... there was no connection or link
between us with that main address so their stats were technically wrong... by
hiding the other addresses, there was only one presented to them and their
stats were now technically correct... i think it would have been easier for
mystic to present the common address first in the list of addresses and avoid
the problem in the first place but someone didn't see that or they didn't
understand the problem... there is a reason for having AKA matching ;)

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it
wrong...
... I can spell CEE phonetically....
---
* Origin:  (1:3634/12.73)