Path: utzoo!mnetor!uunet!husc6!mit-eddie!ll-xn!ames!ncar!oddjob!mimsy!aplcen!osiris!mjr
From: mjr@osiris.UUCP (Marcus J. Ranum)
Newsgroups: comp.dcom.lans
Subject: Re: Security on ethernet, recent LAN mag article
Message-ID: <1572@osiris.UUCP>
Date: 24 Mar 88 13:54:16 GMT
References: <4805@ecsvax.UUCP>
Reply-To: mjr@osiris.UUCP (Marcus J. Ranum)
Organization: Institute For Felinographical Studies
Lines: 22
Keywords: ethernet,security

In article <4805@ecsvax.UUCP> howell@ecsvax.UUCP (Doc A. Howell) writes:
>
>  Did anyone read the recent LAN magazine article on ethernet security? 
>I am sure some did. The article addressed the use of an ethernet monitor
>to spy on an ethernet to obtain passwords, look at data, and have fun in 
>general. [...]

	Don't forget the venerable IBM PC with the ethernet card in it.
In fact, any system that does not have some form of reasonable security
to prevent a user from changing its name, in the case of a trusted host,
or sending hand-made packets out on the net (which the PC can do, if you
care to). I believe there is even TCP monitoring software available for
the PCs. 
	This is in issue in my mind, since I know of at least one site
that has PCs on the net, as well as confidential and highly sensitive
data.

--mjr();
-- 
------------------------------------------------------------------------------
...ich bin in einem dusenjet ins jahr 53 vor chr...ich lande im antiken Rom...
                     einige gladiatoren spielen scrabble...ich rieche PIZZA...