On Tue, 23 Jan 1996, Frank Willoughby wrote:
At 10:30 AM 1/23/96 -0500, perry@piermont.com allegedly wrote:
Frank Willoughby writes:
While IP level security & authentication will go a long way to help prevent abuses and reduce unauthorized accesses, I doubt if it will provide enough protection by itself.
I agree with this, but...
o Node Spoofing will probably still be possible
Nope. It won't.
I disagree. I haven't met a system that couldn't somehow be gotten around. The creativity of hackers is succeeded only by their motivation and ability to put many hours into trying to solve a problem. Including the word "probably" was deliberate. Kerberos was also thought to be secure - 'til it was compromised. Software isn't bug-free & design or security methodologies can't provide 100% coverage. Hackers take advantage of this and inherent weaknesses in design flaws.
Clearly. I keep hearing references to weaknesses in kerberos, which I more or less rely on. What are the problems I should be worrying about? Preferably as URLs. Also, we have a new kerberos implementation for Macs that we're going to roll out soon. I'll see if the project manager would be willing to let other people take a look at it. -rich