Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!iuvax!cica!tut.cis.ohio-state.edu!rutgers!phri!roy From: roy@phri.UUCP (Roy Smith) Newsgroups: comp.dcom.lans Subject: Re: Ethernet security Message-ID: <3961@phri.UUCP> Date: 28 Aug 89 17:40:29 GMT References: <3956@phri.UUCP> Reply-To: roy@phri.UUCP (Roy Smith) Organization: Public Health Research Inst. (NY, NY) Lines: 24 In hedrick@geneva.rutgers.edu (Charles Hedrick) writes: > (Roy didn't point out that the Sun software he is describing can't be run > by normal users.) Depends on what you mean by "normal". Yes, they have to be clever, but no, they don't have to have the root password. They do have to have superuser access, but on a typical Sun workstation, it is trivial to become the superuser without having the root password. L1-A, for example. But, Charles is correct in the gist of his argument; just because it is technically possible to spy on an ethernet doesn't mean I would classify ethernet as "insecure" for what I would guess is the majority of what goes on in a university computing environment. Certainly RS-232 tapping is possible as Charles pointed out, and if you are clever enough you can tap just about any medium you want to (I've heard of ultra sensitive optical amplifier which can tap a fiber optic line). Find out what level of security is really required before you decide what step you have to take to ensure that level. -- Roy Smith, Public Health Research Institute 455 First Avenue, New York, NY 10016 {att,philabs,cmcl2,rutgers,hombre}!phri!roy -or- roy@alanine.phri.nyu.edu "The connector is the network"