nanog mailing list archives
Packet anonymity is the problem?
From: Sean Donelan <sean () donelan com>
Date: Sat, 10 Apr 2004 22:48:16 -0400 (EDT)
If you connect a dialup modem to the public switched telephone network, do you rely on Caller ID for security? Or do you configure passwords on the systems to prevent wardialers with blocked CLIDs from accessing your system? Have a generation of firewalls and security practices distracted us from the fundamental problem, insecure systems. http://www.ecommercetimes.com/perl/story/security/33344.html Gartner research vice president Richard Stiennon confirmed that packet anonymity is a serious issue for Internet security. [...] "Because of the way TCP/IP works, it's an open network," Keromytis said. "Other network technologies don't have that problem. They have other issues, but only IP is subject to this difficulty with abuse." [...] Bellovin compared the situation to bank robberies. "[S]treets, highways and getaway cars don't cause bank robberies, nor will redesigning them solve the problem. The flaws are in the banks," he said. Similarly, most security problems are due to buggy code, and changing the network will not affect that.
Current thread:
- Packet anonymity is the problem? Sean Donelan (Apr 10)
- Re: Packet anonymity is the problem? Todd Vierling (Apr 10)
- Re: Packet anonymity is the problem? Dan Hollis (Apr 10)
- Re: Packet anonymity is the problem? Paul Vixie (Apr 10)
- Re: Packet anonymity is the problem? Joe Provo (Apr 11)
- Re: Packet anonymity is the problem? Petri Helenius (Apr 11)
- Re: Packet anonymity is the problem? Joe Maimon (Apr 11)
- Re: Packet anonymity is the problem? Jeff Workman (Apr 11)
- Re: Packet anonymity is the problem? Joe Maimon (Apr 11)
- Re: Packet anonymity is the problem? Jeff Workman (Apr 11)
- Re: Packet anonymity is the problem? Steven M. Bellovin (Apr 11)
- Re: Packet anonymity is the problem? Todd Vierling (Apr 10)