On Wed, 1 Nov 1995, Edward Maillet wrote:
> Flame away!
> ----- Ed Maillet
> maillet @
cs .
usm .
maine .
edu
>
Okay, I will! :)
> Hey All,
> Sorry to step on the toes of you S/Key, Keberos, it's-only-safe-if-it's-
> encrypted types but it seems that there are other ways of defeating
> packet sniffers. Both active and passive.
> Under certain network topologies, sniffing can be rendered useless without
> encryption. Consider an ethernet that contains an ethernet switch and some
> 10Base-T hubs.
Yes, you're describing 'Intelligent Hubs' available from HP and other
vendores. They work well, but what happens when that data flows up to your
WAN, or the company backbone and someone sniffs there? I think what we
were trying to prevent was attacks upon data crossing the internet.
> I realize that this is a rather specific topology but it is an interesting
> and rather simple solution.
>
Your solution is a good one, but doesn't cover all the bases.
.. : : : : : : .. : : : : : : .. : : : : : .. : : : : : .. : : : : : ..
John Adams jna @
echonyc .
com
EchoNYC Systems Administrator (212) 292-0900
References:
|
|
