Re: Re: Router filtering not enough! (Was: Re: CERT advisory)

Jonathan M. Bresler (jmb@kryten.Atinc.COM)
Fri, 27 Jan 1995 08:34:58 -0500 (EST)

On Thu, 26 Jan 1995, Pete Hartman wrote:

> >But in real life, the spoofing machine would never be requested to respond
> >to arp anyway, because in real life the spoofer should be on the other side
> >of your firewall router.  If the spoofer and spoofee are on the same ether-
> >net then there are serious internal problems that go beyond the scope of
> >firewalls!!
> 
> But such problems are the stock-in-trade of those of us at Universities.

	absolutely!  take that 386sx junker in the corner, slap two
ethernet cards in it and run Drawbridge from TAMU, or a stripped/hacked
down version of FreeBSD.  establish a perimeter based upon subnets, a list
of host addresses, anything.

	hell, they can just snoop the wire and pick off your passwords as 
they fly by.

	lots and lots of other problems.  establish a perimeter.
jmb

Jonathan M. Bresler  jmb@kryten.atinc.com	| Analysis & Technology, Inc.  
						| 2341 Jeff Davis Hwy
play go.					| Arlington, VA 22202
ride bike. hack FreeBSD.--ah the good life	| 703-418-2800 x346
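
An added illustration, not part of the original message and not Drawbridge's own code or configuration: the per-packet decision a two-card filtering box can make once the perimeter is defined as subnets plus a list of host addresses. The addresses, the "inside"/"outside" card labels and the function names are assumptions made for this example.

```python
import ipaddress

# Constructed perimeter (documentation address ranges, not from the message):
# everything in these subnets, plus the individually listed hosts, is "inside".
INSIDE_NETS = [ipaddress.ip_network("192.0.2.0/24")]
INSIDE_HOSTS = {ipaddress.ip_address("198.51.100.10")}


def is_inside(addr):
    """True if addr belongs to the perimeter (a listed subnet or a listed host)."""
    ip = ipaddress.ip_address(addr)
    return ip in INSIDE_HOSTS or any(ip in net for net in INSIDE_NETS)


def bridge_decision(arrived_on, src, dst):
    """Return (verdict, reason) for a packet seen on one of the two cards."""
    if arrived_on not in ("inside", "outside"):
        raise ValueError("arrived_on must be 'inside' or 'outside'")
    try:
        src_in, dst_in = is_inside(src), is_inside(dst)
    except ValueError:
        return ("drop", "unparseable address")

    if arrived_on == "outside":
        # An inside source address can never legitimately arrive from outside.
        if src_in:
            return ("drop", "inside source address seen on outside card")
        if not dst_in:
            return ("drop", "destination is not inside the perimeter")
        return ("forward", "outside host talking to inside host")

    # Packet arrived on the inside card.
    if not src_in:
        return ("drop", "outside source address seen on inside card")
    if dst_in:
        return ("drop", "inside-to-inside traffic does not cross the perimeter")
    return ("forward", "inside host talking to outside host")


if __name__ == "__main__":
    # Constructed sample packets: (card, source, destination).
    samples = [
        ("outside", "203.0.113.5", "192.0.2.20"),
        ("outside", "192.0.2.7", "192.0.2.20"),
        ("inside", "192.0.2.20", "203.0.113.5"),
        ("inside", "203.0.113.5", "203.0.113.9"),
    ]
    for card, src, dst in samples:
        print(card, src, "->", dst, bridge_decision(card, src, dst))
```

This check only covers traffic that crosses the two-card box; it does nothing about a spoofer or a sniffer sitting on the same ethernet segment as the target.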