http://www.ISAserver.org ------------------------------------------------------- It takes a big man to admit that :) Actually, I am no grammarian -- its only when politics infect grammar that I pay attention. You're still more skilled at the mechanics of the language as a whole :) Tom Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor > (Hammer of God) > Sent: Sunday, April 16, 2006 7:57 PM > To: isalist@xxxxxxxxxxxxx; Timothy Mullen; Thomas W Shinder > Subject: [isalist] Re: FW: Re[2]: Bypassing ISA Server 2004 with IPv6 > > http://www.ISAserver.org > ------------------------------------------------------- > > > Ah- I more clearly see your point regarding "agreement in > numbers." The > "true" object is "administrator" used in singularity; however I used a > reflexive of "themselves" in plurality. That is indeed > incorrect. And though > I contend that non-gender specificity should be observed in general > reference, I agree that object/pronoun agreement should come > "first," even > if modern-usage dictates gender etiquette. > > I should have said "saving ignorant administrators from themselves." > > You win. > > t > > > On 4/16/06 5:25 PM, "Thor (Hammer of God)" > <thor@xxxxxxxxxxxxxxx> spoketh to > all: > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > Actually, it *is* reflexive. "Himself, herself, themselves" are all > > reflexive pronouns. When the object of the sentence is not > a pronoun, i.e. > > "the ignorant administrator" you can't directly match the > object with a > > reflexive pronoun, hence my use of "themselves." > Pedantically, one cannot > > say "protecting the ignorant administrator from himself" nor can you > > (correctly) say "from herself," as all reflexive pronouns > must match the > > object pronoun if it exists. In the case of "the" being > substituted as a > > non-gender reference, "themselves" was the best choice of > reflexive pronoun > > for that object. The ubiquitous use of "the" obviates the > use of any other > > gender specific pronoun, regardless of "number agreement." > In any other > > case, I would acquiesce to your point in regard to grammar, > but not here. > > > > t > > > > > > > > > > On 4/16/06 5:05 PM, "Thomas W Shinder" > <tshinder@xxxxxxxxxxx> spoketh to > > all: > > > >> http://www.ISAserver.org > >> ------------------------------------------------------- > >> > >> It's not a reflexive thing, it's an agreement in number thing. > >> > >> Sent via ISA firewall protected Exchange 2003 Windows Mobile > >> > >> > >> -----Original Message----- > >> From: "Thor (Hammer of God)"<thor@xxxxxxxxxxxxxxx> > >> Sent: 4/16/06 4:58:27 PM > >> To: "isalist@xxxxxxxxxxxxx"<isalist@xxxxxxxxxxxxx> > >> Subject: [isalist] Re: FW: Re[2]: Bypassing ISA Server > 2004 with IPv6 > >> > >> http://www.ISAserver.org > >> ------------------------------------------------------- > >> > >> It should be "installs *and* configures," and you should > check the spacing > >> on the post... Looks like some spaces were removed. > >> > >> Thanks for the post, though. Refexive pronouns and all ;) > >> > >> T > >> > >> > >> On 4/16/06 6:50 AM, "Thomas W Shinder" > <tshinder@xxxxxxxxxxx> spoketh to > >> all: > >> > >>> http://www.ISAserver.org > >>> ------------------------------------------------------- > >>> > >>> Here you go: > >>> > >>> > http://blogs.isaserver.org/shinder/2006/04/16/isa-firewalls-and-ipv6/ > >>> > >>> Thomas W Shinder, M.D. > >>> Site: www.isaserver.org > >>> Blog: http://blogs.isaserver.org/shinder/ > >>> Book: http://tinyurl.com/3xqb7 > >>> MVP -- ISA Firewalls > >>> > >>> > >>> > >>>> -----Original Message----- > >>>> From: isalist-bounce@xxxxxxxxxxxxx > >>>> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor > >>>> (Hammer of God) > >>>> Sent: Saturday, April 15, 2006 10:40 PM > >>>> To: isalist@xxxxxxxxxxxxx > >>>> Subject: [isalist] FW: Re[2]: Bypassing ISA Server 2004 with IPv6 > >>>> > >>>> http://www.ISAserver.org > >>>> ------------------------------------------------------- > >>>> > >>>> > >>>> Just to keep the ISA Lists in the mix when it comes to this > >>>> "IPv6 Bypassing > >>>> ISA" thing... > >>>> > >>>> > >>>> > >>>> ------ Forwarded Message > >>>> From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx> > >>>> Date: Sat, 15 Apr 2006 20:28:36 -0700 > >>>> To: Bugtraq <bugtraq@xxxxxxxxxxxxxxxxx> > >>>> Conversation: Re[2]: Bypassing ISA Server 2004 with IPv6 > >>>> Subject: Re: Re[2]: Bypassing ISA Server 2004 with IPv6 > >>>> > >>>> ISA Server is an application that is installed on top of the > >>>> base OS. Are > >>>> you suggesting that the application should actually > prevent the local > >>>> administrator of the host machine from installing and > configuring what > >>>> protocols are bound to what adapters? > >>>> > >>>> To me, *that* is the borderline. There is no such thing as > >>>> "for what ever > >>>> reason ipv6 in enabled on ISA" when it comes to administering > >>>> an enterprise > >>>> firewall product. If an administrator installs configures > >>>> ipv6 on the OS of > >>>> the firewall, and then binds ipv6 to a protected network > >>>> segment, then they > >>>> absolutely, positively, without-a-doubt get exactly what > they deserve. > >>>> Anyone who does that without understanding what they are > >>>> doing are simply > >>>> taking jobs away from competent, knowledgeable administrators. > >>>> > >>>> The mindset of "protecting the ignorant administrator from > >>>> themselves" in > >>>> this business has got to end. Positioning this as if there > >>>> is some flaw in > >>>> ISA because the application does not prohibit a local > >>>> administrator from > >>>> binding unsupported protocols to interfaces is simply > >>>> ludicrous. In fact, it > >>>> is the opposite that is true: If I as an administrator of a > >>>> machine want to > >>>> bind a protocol to an adapter for some reason (as in a > >>>> separate, private > >>>> segment for use in a particular environment) then I should, > >>>> indeed MUST, be > >>>> able to do it. And I will be responsible for the > >>>> implications of doing so. > >>>> > >>>> There was an earlier thread today where a simple list of > >>>> hostnames being > >>>> filtered from the Win32 HOSTS file was positioned as > >>>> "deliberate sabotage" > >>>> of our machines by Microsoft; a case of "It's my computer- > >>>> keep your hands > >>>> off." Yet here, the integrity of a product is being > >>>> challenged because the > >>>> application does not prevent an administrator from installing > >>>> and binding > >>>> protocols at the OS-level in cases where the application is > >>>> not designed to > >>>> filter those protocols? That is a double-standard at its best. > >>>> > >>>> t > >>>> > >>>> > >>>> On 4/10/06 12:34 PM, <You can get the OP from Bugtraq> > spoketh to all: > >>>> > >>>>> Thanks for clearing that. But: If ISA is not able to > >>>> filter IPv6 so > >>>>> why can it be bound to an interface anyway? Just to > route things > >>>>> through? Blindly through a firewall? > >>>>> Another posting talks about limited filtering > capabilities. Roman > >>>>> wrote, icmp went through. So where is the borderline? It > >>>> still seems > >>>>> to me that in the moment for what ever reason ipv6 is > >>>> enabled on ISA > >>>>> the network it should secure is exposed. > >>>>> > >>>> > >>>> > >>>> ------ End of Forwarded Message > >>>> > >>>> > >>>> ------------------------------------------------------ > >>>> List Archives: //www.freelists.org/archives/isalist/ > >>>> ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > >>>> ISA Server Articles and Tutorials: > >>>> http://www.isaserver.org/articles_tutorials/ > >>>> ISA Server Blogs: http://blogs.isaserver.org/ > >>>> ------------------------------------------------------ > >>>> Visit TechGenix.com for more information about our other sites: > >>>> http://www.techgenix.com > >>>> ------------------------------------------------------ > >>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > >>>> Report abuse to listadmin@xxxxxxxxxxxxx > >>>> > >>>> > >>>> > >>> ------------------------------------------------------ > >>> List Archives: //www.freelists.org/archives/isalist/ > >>> ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > >>> ISA Server Articles and Tutorials: > >>> http://www.isaserver.org/articles_tutorials/ > >>> ISA Server Blogs: http://blogs.isaserver.org/ > >>> ------------------------------------------------------ > >>> Visit TechGenix.com for more information about our other sites: > >>> http://www.techgenix.com > >>> ------------------------------------------------------ > >>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > >>> Report abuse to listadmin@xxxxxxxxxxxxx > >>> > >>> > >>> > >> > >> > >> ------------------------------------------------------ > >> List Archives: //www.freelists.org/archives/isalist/ > >> ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > >> ISA Server Articles and Tutorials: > >> http://www.isaserver.org/articles_tutorials/ > >> ISA Server Blogs: http://blogs.isaserver.org/ > >> ------------------------------------------------------ > >> Visit TechGenix.com for more information about our other sites: > >> http://www.techgenix.com > >> ------------------------------------------------------ > >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > >> Report abuse to listadmin@xxxxxxxxxxxxx > >> > >> > >> ------------------------------------------------------ > >> List Archives: //www.freelists.org/archives/isalist/ > >> ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > >> ISA Server Articles and Tutorials: > >> http://www.isaserver.org/articles_tutorials/ > >> ISA Server Blogs: http://blogs.isaserver.org/ > >> ------------------------------------------------------ > >> Visit TechGenix.com for more information about our other sites: > >> http://www.techgenix.com > >> ------------------------------------------------------ > >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > >> Report abuse to listadmin@xxxxxxxxxxxxx > >> > >> > >> > > > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx