Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!rutgers!ames!ucbcad!ucbvax!WILLIAMS.BITNET!WITLICKI
From: WITLICKI@WILLIAMS.BITNET.UUCP
Newsgroups: mod.protocols.tcp-ip
Subject: Ethernet Security
Message-ID: <8702170229.AA25371@ucbvax.Berkeley.EDU>
Date: Mon, 16-Feb-87 21:32:04 EST
Article-I.D.: ucbvax.8702170229.AA25371
Posted: Mon Feb 16 21:32:04 1987
Date-Received: Tue, 17-Feb-87 18:39:20 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 30
Approved: tcp-ip@sri-nic.arpa

>From: Ken Mandelberg
>Subject: Ethernet Security
>
> How difficult is it to do ethernet address impersonation without
> hardware (including eprom) modification in commonly available
>workstations? For example, we have: Sun 3's, Microvaxen, 3B2s,
>3B1's, and IBM PCs with 3-COM cards. On which of these could...
>
>I realize this is one tiny aspect of security, but it is one our
>administration has seized upon. It turns out our departmental
>ethernets are linked with filtered bridges, which have a naive...

Hardware ethernet addresses and university administrative worries are
almost two separate issues. Perhaps M. Padlipsky can fill us in on the
finer points of layering manners here..

The hardware (rom) says Boot Me Now, please... If I don't need to be
booted off of your file server I may not need a special hardware
address. Up a few layers you have Mail From: things flying around...

The filtering bridges are almost irrelevant. I can break into the
wiring closet where the college president's phone line is, I may tap
into the comm. link for your IBM mainframe which probably doesn't have
link level encryption... but that takes involved intent and effort; I
think you are asking - what about the hacker in a lab with a PC with an
ethernet card?

Keep the academic (students) stuff *physically* separate from your
sensitive data (i.e. administrative systems)

- randy