Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cornell!uw-beaver!mit-eddie!bu-cs!kwe
From: kwe@bu-cs.BU.EDU (kwe@bu-it.bu.edu (Kent W. England))
Newsgroups: comp.protocols.tcp-ip
Subject: Security Problems in TCP/IP
Keywords: security authentication encryption boondoggle
Message-ID: <30524@bu-cs.BU.EDU>
Date: 1 May 89 17:46:16 GMT
Organization: Boston U. Information Technology
Lines: 31


	You may recall the thread of a discussion I started regarding
security on TCP/IP internets.  I think it was called "IP
authentication of hosts" or something similar.

	Well, Steve Bellovin of Bell Labs told me about an article he
had written and was soon publishing that I should read.  I did.  I
recommend it to your attention.

	It is in ACM Computer Communication Review Vol 19, No. 2,
April 1989 pg 32 available on your news stands now.  It is entitled
"Security Problems in the TCP/IP Protocol Suite".

	Steve covers these problem areas:

	TCP Sequence Number Prediction
	Source Routing
	RIP attacks
	EGP attacks
	ICMP based attacks
	The RFC 931 Authentication Server
	Information dissemination services (finger, e-mail, ...)
	DNS
	FTP
	Network Management
	Remote Booting
	snooping and spoofing on a LAN
	TFTP
	Privileged Ports

and comprehensive defenses based on authentication and encryption.