17 Dec
2003
17 Dec
'03
11:17 p.m.
smb@research.att.com says:
Although running an encrypted IP stack does require sysadmin cooperation, it does not require a kernel rebuild -- John Ioannidis has built modloadable versions of most of the swIPe software.
Assuming, of course, that you're running a system that has modload. (Ironically, CERT has recommended that you delete loadable device drivers from systems that don't need them, as a way to guard against password- sniffers.)
A short sighted view. You can't stop line monitoring -- you should defend against it with encryption instead. In an environment like mine, there are literally thousands of potential line monitoring points that I cannot defend, but encryption gives me real security. Perry