Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!sundc!pitstop!sun!decwrl!labrea!rutgers!husc6!bbn!uwmcsd1!uwmacc!ejnorman
From: ejnorman@uwmacc.UUCP (Eric Norman)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: Ethernet Bridge
Message-ID: <1940@uwmacc.UUCP>
Date: Tue, 3-Nov-87 20:39:26 EST
Article-I.D.: uwmacc.1940
Posted: Tue Nov  3 20:39:26 1987
Date-Received: Sat, 7-Nov-87 09:07:49 EST
References: <8710302138.AA04810@ucbvax.Berkeley.EDU> <7603@g.ms.uky.edu>
Reply-To: ejnorman@unix2.macc.wisc.edu
Organization: UW-Madison Academic Computer Center
Lines: 25

In article <7603@g.ms.uky.edu> david@ms.uky.edu (David Herron) asks:
> 
> What do people think about the security issues?  Right now, the
> concern is someone creating a situation where one of our equiv
> hosts is down, the bad-guy boots a machine that says he is
> the now-down machine and creates an suid shell on another of

Well let's see.  Suppose I have hosts Bossie and Elsie here that
trust each other and Bossie goes down and you're going to try to
make Elsie think you're Bossie from the other side of a LAN-100.
Now, what I'm gonna do is put a permanent entry in Elsie's ARP
cache with Bossie's IP number and ethernet address.  Well, I
reckon you can get a packet to Elsie that she'll think came from
Bossie, but I'd like to know how you're going to see the packets
coming from Elsie destined for Bossie.

Eric Norman
Internet:     ejnorman@unix2.macc.wisc.edu
UUCP:         ...{allegra,ihnp4,seismo}!uwvax!ejnorman
Life:         Detroit!Alexandria!Omaha!Indianapolis!Madison!Hyde
  
"Tis far easier for a peacock to show his true colors
 than it is for a lion to swallow his pride."
		-- Arte Johnson
--