Re: what are realistic threats

• To: Dave Kristol <dmk@allegra.att.com>
• Subject: Re: what are realistic threats
• From: Steve Kent <kent@bbn.com>
• Date: Thu, 29 Sep 94 11:20:41 -0400
• Cc: www-buyinfo@allegra.att.com, www-security@ns1.rutgers.edu
• In-Reply-To: Your message of Wed, 28 Sep 94 10:00:14 -0400.
• Reply-To: Steve Kent <kent@bbn.com>

Dave,

	I'd disagree with your characterization of an active attack as
requiring hardware inline.  We already have hardware in place capable
of effecting the necessary attacks, e.g., routers.  If an attacker can
subvert router management protocols, then he can introduce his own
software and thus carry out an attack form the comfort of his
workstation.  I've seen software capable of doing this in the X.25
environment; it was developed to support diagnosis of subsciber
network problems.  Router versions are a straightforward extrapolation
of this software, and malicious versions represent a simple evolution
>From there.

Steve

• Previous: Re: First Virtual
• Next: Re: what are realistic threats?
• Index(es):
  • Index
  • Thread