Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!purdue!bu-cs!kwe
From: kwe@bu-cs.BU.EDU (kwe@bu-it.bu.edu (Kent W. England))
Newsgroups: comp.protocols.tcp-ip
Subject: Re: IP based authentication of hosts
Message-ID: <29549@bu-cs.BU.EDU>
Date: 13 Apr 89 18:51:20 GMT
References: <376@ists.ists.ca> <29416@bu-cs.BU.EDU> <29455@bu-cs.BU.EDU> <10526@bloom-beacon.MIT.EDU> <29475@bu-cs.BU.EDU> <10540@bloom-beacon.MIT.EDU>
Reply-To: kwe@buit13.bu.edu (Kent England)
Followup-To: comp.protocols.tcp-ip
Organization: Boston U. Information Technology
Lines: 30

In article <10540@bloom-beacon.MIT.EDU> boomer@space.mit.edu (Don Alvarez) writes:
>>
>> So, if I set up "secure" subnets with hosts that are
>>"sanitized" to some degree, and I have some level of physical security
>>on these subnets, and I use Kerberos to protect passwords, and I turn
>
>No. You don't have anything worth having. All I need is an IBM-PC
>($0.10/dozen), an ethernet card ($0.20/dozen), and a vampire tap ($0.50/
>dozen), and I can listen to ANYTHING I want to on your "secure" subnet.
>As you leave your office today, look at the yellow or orange cable running
>all over your building/campus and tell me that you can secure every inch of it.

Of course I would not think of using that yellow or orange cable for a
secure subnet. I don't like that cable for open subnets; it's too hard to
manage in an office environment. But I can think of several techniques to
install relatively secure Ethernet subnets.

My secure subnet might be a DELNI in a locked equipment rack. I could even
say that my twisted-pair Ethernet subnets are sufficiently secure against
snooping under certain extra conditions. And if that isn't good enough,
fiber today is as easy to install as thin coax (though not as cost
effective), so I could spec fiber.

I am not trying to secure my nets against the KGB, so don't tell me you can
crack any net I design and install. I just want a reasonable level of
physical security, like I require of my backbone nets. I could spec
conduits if I had to, but that is taking things too far. I would spec
link-level encryption first.