Firewall Wizards mailing list archives
Re: Proxy 2.0 secure?
From: "Brian Steele" <steele_b () spiceisle com>
Date: Wed, 1 Jul 1998 08:58:37 -0400
Is such a thing as an "OS-independent" logon validation mechanism?Any non-transparent protocol-dependant technique or any mechanism that relies on cleint's IP address.
Should I repeat my donkey-cart and car analogy? I do not NEED any security tools that rely on a client's IP address on my LAN. I do not WANT any security tools that rely on a client's IP address on my LAN.
You do. The point of discussion was that NT domain logon mechanism lets you authenticate from any PC in the network transparently - and then i called this technique say, not as good as it seems, because it relies on cleint PC's security. If the machine is not trusted, how can you do something sensitive from it?
I still don't see the connection you're trying to make between PC security and NT domain security. The only connection I can see between the two is if you configure the PC to autologon to the NT LAN, using a stored username and password (in which case you're going to have considerably more security problems than outgoing access through a Proxy Server).
It is (at least!) as insecure as underlying NT is. More than enough for me.
The "insecure" NT mechanism has proven itself secure enough for my needs. Care to state why you think it's insecure? The following link might be of interest concerning the "insecurity" of NT: http://www.tbg.com/login/micrsoft.htm Regards, Brian Steele
Current thread:
- Re: Proxy 2.0 secure? Brian Steele (Jul 01)
- <Possible follow-ups>
- Re: Proxy 2.0 secure? David Newman (Jul 01)
- Re: Proxy 2.0 secure? tqbf (Jul 03)
- Re: Proxy 2.0 secure? John McDermott (Jul 01)
- Re: Proxy 2.0 secure? Brian Steele (Jul 02)
- Re: Proxy 2.0 secure? David Newman (Jul 03)
- RE: Proxy 2.0 secure? ICMan (Jul 07)
- RE: Proxy 2.0 secure? David Newman (Jul 07)