Re: IP spoofing vs tcp wrappers and netacl

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Valdis.Kletnieks@vt.edu: "Re: NYT Article this morning"
• Previous message: Rick Busdiecker: "Re: NYT Article this morning"
• In reply to: Perry E. Metzger: "Re: IP spoofing vs tcp wrappers and netacl"
• Next in thread: Perry E. Metzger: "Re: IP spoofing vs tcp wrappers and netacl"

> 
> 
> Christopher Klaus says:
> > Probably the best way to prevent IP spoofing attacks is to turn off all
> > ip-based authenication services, ie rsh, rlogin are the main ones.
> 
> Insufficient. If you can see at least part of the packet stream, you
> can session-steal. This makes a mockery of things like S/Key.

If you have an attacker that is listening to your packet stream, you
have more serious problem than just IP spoofing attacks.  But to stop
people from doing ip spoofing on remote networks that they cant sniff, 
disabling ip-based authenication services. 

If you have intruders sniffing your network, you will need to do a lot 
more than just disable certian services. 

  The only long-term solution that would adequately fix many of these
problems is cryptography being implemented in authenication and encrypting
all network traffic.  With NSA probably having a better understanding of
cryptography, maybe they can provide assistance. (grin)

-- 
Christopher William Klaus	Voice: (404)518-0099. Fax: (404)518-0030
Internet Security Systems, Inc.		Computer Security Consulting
2209 Summit Place Drive, Atlanta, GA. 30350-2450.

• Next message: Valdis.Kletnieks@vt.edu: "Re: NYT Article this morning"
• Previous message: Rick Busdiecker: "Re: NYT Article this morning"
• In reply to: Perry E. Metzger: "Re: IP spoofing vs tcp wrappers and netacl"
• Next in thread: Perry E. Metzger: "Re: IP spoofing vs tcp wrappers and netacl"