Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!elroy.jpl.nasa.gov!news.larc.nasa.gov!grissom.larc.nasa.gov!kludge
From: kludge@grissom.larc.nasa.gov ( Scott Dorsey)
Newsgroups: comp.protocols.appletalk
Subject: Re: Watch, peeking, and security threats
Message-ID: <1991May16.142436.15468@news.larc.nasa.gov>
Date: 16 May 91 14:24:36 GMT
References: <9105160430.AA04272@eclectic.com>
Sender: news@news.larc.nasa.gov (USENET Network News)
Reply-To: kludge@grissom.larc.nasa.gov ( Scott Dorsey)
Organization: NASA Langley Research Center
Lines: 15

In article <9105160430.AA04272@eclectic.com> kovar@ECLECTIC.COM (David C. Kovar) writes:
>  The problem isn't in the tools that let you see the wire, it's
>in the applications that are stupid enough to transmit important
>data in the clear. Telnet/ftp have been doing this since they
>were first written, and people have been complaining for nearly
>as wrong. It's a shame that it may take security violations to get
>this sort of thing fixed, but that's what it looks like.

   While much of it is indeed the fault of the protocol, a good deal of blame
should be laid on an operating system which permits any user running any
program to access any device in any way.  The operating system should provide
user authentication and not permit untrusted users to put the ethernet card
in promiscuous mode.  For any installation with multiple machines and 
networks, this is the case.
--scott