Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!mips!atha!aupair.cs.athabascau.ca!derrick
From: derrick@cs.athabascau.ca (Derrick Rowlandson)
Newsgroups: comp.dcom.lans
Subject: SLIP security question
Message-ID: <1803@aupair.cs.athabascau.ca>
Date: 27 Jun 91 01:41:40 GMT
Distribution: comp
Organization: Athabasca University
Lines: 21



I have a question about security hazards on a network's (TCP/IP) SLIP
connections. 

I understand that machines on the ethernet bus can place themselves in a 
promiscuous mode, and watch packets go by, including usernames and passwords. 
SLIP connections on the other hand are not on the bus, and I would expect 
that they will not see any data other than that which is intended for them, 
thereby not making them such a security risk. Is this valid reasoning?

Otherwise, what other security risks are there when dealing with
SLIP users? The SLIP 'server' we are using is a data switch (Gandalf
Starmaster), which will allow PC's to network after they enter a
unique service name, followed by a unique password.(when I say unique, I mean
that each SLIP user has a unique service and password)

Thanks for any and all comments, and information.


Derrick