Newsgroups: comp.protocols.tcp-ip
Path: utzoo!henry
From: henry@utzoo.uucp (Henry Spencer)
Subject: Re: Re: IP based authentication of hosts
Message-ID: <1989Apr17.213712.5631@utzoo.uucp>
Organization: U of Toronto Zoology
References: <376@ists.ists.ca> <29416@bu-cs.BU.EDU> <29455@bu-cs.BU.EDU> <10526@bloom-beacon.MIT.EDU> <29475@bu-cs.BU.EDU> <709@scaup.cl.cam.ac.uk>
Date: Mon, 17 Apr 89 21:37:12 GMT

In article <709@scaup.cl.cam.ac.uk> scc@cl.cam.ac.uk (Stephen Crawley) writes:
>Kent England suggests that it is possible to prevent ether snooping
>in many cases, and that this can be used to give ``a modest level of
>security sufficient to fulfill [his] obligations to protect data and
>yet still allow [] applications to use network technology''
>
>Kent, how do you propose to stop J R User from unplugging his Sun and
>plugging in a PC to run an etherspy?

If he's using Ethernet to connect Suns in offices and terminal rooms, he can't. If, on the other hand, it's simply the interconnect within a central computing facility, then the situation is not so bad. Yes, it can always be done by someone with the right tools and knowledge -- but in most places, such people are relatively rare.

The key question is, what level of threat are you trying to defend against? If all you want is to stop casual nosiness by J R User, Kent's approach may be reasonable. Even if JRU knows how to tap an Ethernet -- and if it's thick cable, the chances are pretty good that he doesn't -- he is going to be reluctant to walk into a facility where he is an unauthorized outsider and start pulling up floor tiles and messing with cables underneath. Likewise, he's going to be reluctant to disconnect existing transceiver cables, for fear that he'll disrupt ongoing activities badly enough for the Cable Police to come charging in the door. No, it's not going to stop a determined and knowledgeable intruder who is willing to take some risks, but that's a different level of threat and a rather less common one.

Switching to encryption-based schemes will thwart him, but it is much more costly in several ways. In a relatively friendly environment, it may not be cost-effective.

>I put it to you that your ``modest degree of security'' is actually
>no security worth speaking of.

It depends on what level of threat we are speaking of, and on details of the environment (e.g. where existing taps are). Don't dismiss it as "no security worth speaking of" just because it wouldn't stop the NSA.

--
Welcome to Mars! Your         | Henry Spencer at U of Toronto Zoology
passport and visa, comrade?   | uunet!attcan!utzoo!henry henry@zoo.toronto.edu