Bugtraq mailing list archives
Re: NYT Article this morning
From: perry () imsi com (Perry E. Metzger)
Date: Tue, 24 Jan 1995 13:18:43 -0500
Rick Busdiecker says:
Even that is insufficient, actually. If you see a packet going by, you can still try to jam the works up and steal the connection anyway. The only permanent solution is a cryptographic security protocol for the net -- one is actually in the works now in the IETF.

Morris' paper concludes with this sentence:

A workable solution might be to only trust hosts on the same physical network, and modify gateways to reject packets that claim to, but do not in fact, come from directly connected networks.

Your statement as to the ``only permanent solution'' suggests that you disagree with Morris' hypothesis.
Yes.
Do you believe that it's possible to use the techniques that are being discussed to get past a ``two wire'' firewall which ignores internal packets originating from the external wire?
Yes. This won't impact people that don't allow specially authenticated logins via their firewall, but sites using S/Key and similar methods for authenticated firewall traversing logins can be hit. The victim can log in to the firewall from the outside and have his session stolen -- this is the equivalent of an ATM thief waiting for someone to enter their PIN at a machine and then knocking them cold.

Perry