Re: IP spoofing vs tcp wrappers and netacl

Perry E. Metzger (perry@imsi.com)
Tue, 24 Jan 1995 13:07:28 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Quentin Fennessy: "Re: Hijacking tool"
Previous message: Perry E. Metzger: "Re: NYT Article this morning"
In reply to: Christopher Klaus: "Re: IP spoofing vs tcp wrappers and netacl"
Next in thread: Christopher Klaus: "Re: IP spoofing vs tcp wrappers and netacl"

Christopher Klaus says:
> Probably the best way to prevent IP spoofing attacks is to turn off all
> ip-based authenication services, ie rsh, rlogin are the main ones.

Insufficient. If you can see at least part of the packet stream, you
can session-steal. This makes a mockery of things like S/Key.

Perry

Next message: Quentin Fennessy: "Re: Hijacking tool"
Previous message: Perry E. Metzger: "Re: NYT Article this morning"
In reply to: Christopher Klaus: "Re: IP spoofing vs tcp wrappers and netacl"
Next in thread: Christopher Klaus: "Re: IP spoofing vs tcp wrappers and netacl"