Markoff/NYT on IP spoofing
John Markoff writes in Monday's New York Times about a rash of computer security breaches using IP spoofing to penetrate routers and firewalls. That's all the technical info I coudld glean from the story; CERT is supposed to "make an announcement" later today and tell us what brands of routers can and cannot be modified to defend against this type of attack. Towards the end of the article Markoff puts in a nice plug for crypto: Most computer security experts say that real security on the Internet awaits the widespread adoption of encryption technology for scrambling data and authenticating messages. ``The right answer is encryption because when you encrypt your business data you don't care how many people get a copy,'' said Eric Schmidt, the chief technical officer of Sun Microsystems. ``My prediction is that this will be the only real solution to these problems.'' --bal
"Brian A. LaMacchia" says:
John Markoff writes in Monday's New York Times about a rash of computer security breaches using IP spoofing to penetrate routers and firewalls. That's all the technical info I coudld glean from the story; CERT is supposed to "make an announcement" later today and tell us what brands of routers can and cannot be modified to defend against this type of attack.
The attack is far worse than described in the Times. Markoff didn't quite understand the full ramifications, or perhaps people weren't telling him the full story. Its *NOT* just IP spoofing. Perry
"Brian A. LaMacchia" says:
John Markoff writes in Monday's New York Times about a rash of computer security breaches using IP spoofing to penetrate routers and firewalls. That's all the technical info I coudld glean from the story; CERT is supposed to "make an announcement" later today and tell us what brands of routers can and cannot be modified to defend against this type of attack.
The attack is far worse than described in the Times. Markoff didn't quite understand the full ramifications, or perhaps people weren't telling him the full story. Its *NOT* just IP spoofing.
Perry, pray tell, what else was John alluding to? - paul _______________________________________________________________________________ Paul Ferguson US Sprint tel: 703.689.6828 Managed Network Engineering internet: paul@hawk.sprintmrn.com Reston, Virginia USA http://www.sprintmrn.com
Paul Ferguson says:
The attack is far worse than described in the Times. Markoff didn't quite understand the full ramifications, or perhaps people weren't telling him the full story. Its *NOT* just IP spoofing.
Perry, pray tell, what else was John alluding to?
I'm still trying to clear with my sources who told me in confidence what I can and can't say now that the article is out. However, the problem was documented by Bellovin some years ago. Perry
Perry, pray tell, what else was John alluding to?
I'm still trying to clear with my sources who told me in confidence what I can and can't say now that the article is out. However, the problem was documented by Bellovin some years ago.
Hmm. This could indeed be something of concern, since it demonstrates that someone is taking great pains to take advantage of the shortcomings of the IP protocol, if I recall smb's paper content. I'll have to dig that one out when I get into the office this morning... - paul - -- _______________________________________________________________________________ Paul Ferguson US Sprint tel: 703.689.6828 Managed Network Engineering internet: paul@hawk.sprintmrn.com Reston, Virginia USA http://www.sprintmrn.com
participants (3)
-
Brian A. LaMacchia -
paul@hawksbill.sprintmrn.com -
Perry E. Metzger