Re: Security problems in ISDN equipment authentication

[jbailey () ASCEND COM AU (Josh Bailey)]

-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 10 Feb 1999, David Schwartz wrote:

>       Ascend determines whether to bond a new incoming PPP connection with a
> previous connection based upon the 'endpoint identifier'. As I recall, they
> claimed that they had to do this because they had to decide whether to bond
> or not _before_ they received any other authentication information.

First off, I'm not speaking officially for Ascend. :-) If you want an
official assurance you should give our TAC a call and they will be able to
put you through to someone authoritative.

I spoke to two engineers involved in Ascend's MP implementation just now.
While indeed the behaviour you specified was true in pre 4.6 software
(current version is 7), this issue has been resolved by including
authentication information along with the client's given endpoint.

This has been the case for nearly three years now.

Nonetheless, if you believe there's still a problem, please open a ticket
with us (or just mail me) with the precise details on how to reproduce it.

Thanks,

- --
Josh Bailey (mailto:josh () ascend com)

Principal Engineer (Access), APAC            Voice:        +61-3-9656-7000
Ascend Communications, Inc                   Fax:          +61-3-9656-7006
Level 38, ANZ Tower, 55 Collins St           Mobile:       +61-417-128-921
Melbourne, Australia                         PGP:    SEND FILE jbailey.asc


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBNsM9+syBE5tx+aP1AQEThQL9Fnc2Hp6FvJgXFM1fCMj43ZTI2zrqGGLQ
U+bM6cbsOssrX8tu977J/qLQ52H9T7a2Ns99lN0JtddzGipVNuuB2Mx2g9SrE5OI
7l65VqO2PCTof8tAoeLaWYHAwt8wM2GX
=Fztw
-----END PGP SIGNATURE-----