Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!allosaur.cis.ohio-state.edu!bob
From: bob@allosaur.cis.ohio-state.edu (Bob Sutterfield)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: IP based authentication of hosts
Message-ID:
Date: 26 Apr 89 14:06:27 GMT
References: <376@ists.ists.ca> <29416@bu-cs.BU.EDU> <1989Apr17.213712.5631@utzoo.uucp> <291@ctycal.UUCP>
Sender: news@tut.cis.ohio-state.edu
Organization: The Ohio State University Dept of Computer & Information Science
Lines: 18
In-reply-to: ingoldsb@ctycal.COM's message of 23 Apr 89 03:44:06 GMT

In article <291@ctycal.UUCP> ingoldsb@ctycal.COM (Terry Ingoldsby) writes:
> This is derived on something I read in BYTE some time ago.

(...surely a reputable authority on the management on large networks
of modern machines :-)

> Protect both files, so only privileged processes can read them (if
> you can't trust superusers, your security is shot anyway).

I trust superusers on consoles of hosts that are locked in our machine
room. I don't trust superusers anywhere else. MIT publishes their
workstations' root password in their lab guides.

"Shot" host security is different from "shot" network security, and
"shot" remote host security is different from "shot" local host
security. I want to maintain some semblance of security on our
systems, and I do that by assuming (recognizing?) that the network and
all the other systems on it are insecure.