> I think it's the responsibility of the folks promoting a
> tool to take at least simple steps to limit its susceptibility to misuse.
Were this the attitude long held to by society, we would have never
allowed the use of round wheels, rocks, or forks.
> The problem is, this tool has made it trivial to bypass established
> packet filtering mechanisms. Even the simple step of hard-coding a
> well-known-port into the software would have improved the security.
> Sure, it's trivial to edit the source and change the port, but I think
> most crackers wouldn't even go to that much effort.
The point was to bypass a recalcitrant administrator who went
overboard, snooping at people's packets. The tool wouldn't be useful
if the normal mechanisms were allowed to function for the desired