>> For lack of better terminology, I have been calling both of the
>> following situations 'spoofing'. If there is a better industry erm
>> for the second scenario I would like to hear it:
>>
>> 1. MIBH (Man in Black Hat) knows the internal workings of the
>> network at company X. MIBH directly attempts to use an internal
>> trusted IP
>> address from an untrusted attached
>> network.
>> 2. MIBH believes that company X is properly firewalled and that
>> spoof type 1 will not work. MIBH knows that company X has strong
>> ties with company Y. MIBH attempts to use the
>> company Y IP address to gain trusted access to
>> application proxies on the firewall.
Bob said:
Date: 6/25/96 5:10 PM
>"Spoofing" refers to looking like someone else. In both cases you are
>spoofing, that is, you are making yourself (the packets you send out) appear
>to come from someone else. One way to gain access to a site is to spoof a
>trusted host. In other words, make yourself look like a machine that is
>trusted. Both of the cases you mention do this. The first one is spoofing
>an internal address; the second is spoofing a trusted external address.
>Bob
The reason for my distinction (and the original question) is that many firewall
products are claiming to be spoof proof where (assuming no strong
authentication) what they are actually doing is distinguishing from internal and
external traffic rather than just the IP address. This might certainly solve
the problem in the first case of spoofing but not the second (again assuming no
strong authentication). My goal is not to define a new term only to be certain
that I am not alone in thinking that 'spoof-proof' does not inherently cover all
of the bases.
Dan Salenger
Deloitte & Touche LLP
dsalenger @
dttus .
com
The following is an attached File item from cc:Mail. It contains
information that had to be encoded to ensure successful transmission
through various mail systems. To decode the file use the UUDECODE
program.
--------------------------------- Cut Here ---------------------------------
begin 644 RFC822.TXT
M4F5C96EV960Z(&9R;VT @
9V%T93$N9'1T=7,N8V]M(&)Y(&-C,RYD='1U<RYC
M;VT @
*%--5%!,24Y+(%8R+C$Q(%!R95)E;&5A<V4 @
-"D-"B`@("`[(%1U92P@
M,C4 @
2G5N(#DV(#$W.C$P.C,U($-35`T*4F5T=7)N+5!A=&@Z(#QF:7)E=V%L
M;',M;W=N97)`1W)E871#:7)C;&4N0T]-/@T*4F5C96EV960Z(&9R;VT@<F5L
M87DW+E55+DY%5"!B>2!G871E,2YD='1U<RYC;VT @
*#4N>"]334DM4U92-"D-
M"B`@("!I9"!!03(S-C @
Q .
R!4=64L(#(U($IU;B`Q.3DV(#$W.C`U.C0Q("TP
M-3`P#0I296-E:79E9#H @
9G)O;2!M:6QE<RYG<F5A=&-I<F-L92YC;VT @
8GD@
M<F5L87DW+E55+DY%5"!W:71H($533510(`T*("`@("AP965R(&-R;W-S8VAE
M8VME9"!A<SH@;6EL97,N9W)E871C:7)C;&4N8V]M(%LQ .
3 @
N,3`R+C(T-"XS
M-%TI#0H@("`@:60 @
45%A=G)K,#8U.#0[(%1U92P@,C4 @
2G5N(#$Y.38@,3 @
Z
M,#0Z,C8 @
+3`T,#` @
*$5$5"D-"E)E8V5I=F5D.B`H;6%J;W)D;VU`;&]C86QH
M;W-T*2!B>2!M:6QE<RYG<F5A=&-I<F-L92YC;VT @
*#@N-RXQ+6QI<W1S+TQI
M<W1S+3DV,#0Q-RTQ*2!I9"!-04$Q.38S-R!F;W(@9FER97=A;&QS+6]U=&=O
M:6YG.R!4=64L(#(U($IU;B`Q.3DV(#$R.C4W.C(Y("TP-S`P("A01%0I#0I2
M96-E:79E9#H @
9G)O;2!S;VPN86ET8RYR97-T+G1A<V,N8V]M("AS;VPN86ET
M8RYR97-T+G1A<V,N8V]M(%LQ-#<N.#$N-3`N,3(X72D @
8GD@;6EL97,N9W)E
M871C:7)C;&4N8V]M("@X+C<N-"]-:6QE<RTY-3$R,C$M,2D @
=VET:"!33510
M(&ED($U!03$Y-3DQ(&9O<B`\9FER97=A;&QS0&=R96%T8VER8VQE+F-O;3X[
M(%1U92P@,C4 @
2G5N(#$Y.38@,3(Z-3<Z,3,@+3`W,#` @
*%!$5"D-"E)E8V5I
M=F5D.B!F<F]M('-U;B!B>2!S;VPN86ET8RYR97-T+G1A<V,N8V]M("A.6#4N
M-C=D+TY8,RXP32D-"E)E8V5I=F5D.B!F<F]M(&EW9&,Q+F]F9FEC92YR97-T
M+G1A<V,N8V]M(&)Y('-U;BYA:71C+G)E<W0N=&%S8RYC;VT @
*$Y8-2XV-V4O
M3E @
S+C!3*0T*4F5C96EV960Z(&9R;VT@:7=D8S$N;V9F:6-E+G)E<W0N=&%S
M8RYC;VT @
8GD@:7=D8S$N;V9F:6-E+G)E<W0N=&%S8RYC;VT @
*#0N,2]334DM
M-"XQ*0T*365S<V%G92U)9#H@/#DV,#8R-3$X,#`N04$P,34Q.$!I=V1C,2YO
M9F9I8V4N<F5S="YT87-C+F-O;3X-"E @
M36%I;&5R.B!E>&UH('9E<G-I;VX@
M,2XV+C8@,R\R-"\Y- @
T*5&\Z(")$86YI96P @
4V%L96YG97(B(#QD<V%L96YG
M97)`9'1T=7,N8V]M/@T*0V,Z(&9I<F5W86QL<T!G<F5A=&-I<F-L92YC;VT-
M"E-U8FIE8W0Z(%)E.B!3<&]O9FEN9R`M('=H870@:7,@:6X @
82!N86UE(`T*
M26XM4F5P;'DM5&\Z(%EO=7(@;65S<V%G92!O9B`B5'5E+"`R-2!*=6X@,3DY
M-B`Q,#HT-#HR.2!#4U0N(@T*36EM92U697)S:6]N.B`Q+C`-"D-O;G1E;G0M
M5'EP93H @
=&5X="]P;&%I;CL @
8VAA<G-E=#UU<RUA<V-I:0T*1&%T93H @
5'5E
M+"`R-2!*=6X@,3DY-B`Q-#HP,#HR.2`M,#0P,`T*1G)O;3H @
0F]B($)O=V5S
M(#QR96)O=V5S0&EW9&,Q+F]F9FEC92YR97-T+G1A<V,N8V]M/@T*4V5N9&5R
M.B!F:7)E=V%L;',M;W=N97)`1W)E871#:7)C;&4N0T]-#0I0<F5C961E;F-E
(.B!B=6QK#0H`
end
|
|
