Great Circle Associates Firewalls
(February 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Risk for session hijacknig
From: Per Josefsson <per . josefsson @ mailbox . postnet . se>
Organization: PostNet AB
Date: Thu, 08 Feb 1996 04:55:43 +0100
To: firewalls @ GreatCircle . COM 
My need is to let users upload files with ftp, those files have to be 
secrets for say two month.
It seems that a common precaution is to use one time passwords but it 
seems to me as the opinion of this mailing list states that it isn?t 
enough.
Does anyone have a opinion about the risk one expose him self for, if 
allowing inbound sessions throng a firewall. I think that there isn?t a 
absolutely secure solution even strong cryptography are breakable (if You 
have the time (and the plaintext)). How long would it take to take over a 
ISP?s router and install software to take over my users sessions. 


Regards 
Per Josefsson
Indexed By Date Previous: RE: NT's TCP/IP stack
From: Chris Woods <cjwoods @ Paladin . COM>
Next: Re: I want details!!! Re: NT's TCP/IP stack
From: Chris Osborn <cosborn @ bbnplanet . com>
Indexed By Thread Previous: Re: Global broadcasts
From: Steve Kennedy <steve @ gbnet . org>
Next: Unix hack
From: Sick Puppy <sikpuppy @ maestro . com>
Google
 
Search Internet Search www.greatcircle.com