[138] in WWW Security List Archive


re: what are realistic threats?

daemon@ATHENA.MIT.EDU (Jeffrey I. Schiller)
Tue Sep 27 22:03:49 1994

Date: Tue, 27 Sep 94 18:43:54 -0400
From: "Jeffrey I. Schiller" <jis@mit.edu>
To: dmk@allegra.att.com
Cc: www-buyinfo@allegra.att.com, www-security@ns1.rutgers.edu, zurko@osf.org
In-Reply-To: <199409271808.OAA21506@ns1.rutgers.edu> (dmk@allegra.att.com)
Reply-To: "Jeffrey I. Schiller" <jis@mit.edu>

-----BEGIN PGP SIGNED MESSAGE-----

   Date: Tue, 27 Sep 94 13:44:42 EDT
   From: dmk@allegra.att.com (Dave Kristol)
   ...
   Okay, let me ask a very specific question, one that my original posting
   asked in an obscure and elliptical way.  The question is, How realistic
   a threat are active attacks?  I'm talking about the kind of attack
   where you interpose your machine on a wire and can intercept, replace,
   or change messages.  (Passively listening and then replaying messages
   or pretending to be someone else are also active attacks, I guess, but
   I'm primarily concerned with those that require physical access to the
   network.)

   By "realistic", I mean both feasible and likely, by skilled
   non-governmental people or groups (i.e., hackers or organized crime).
   (Of course in the organized crime case, it's probably cheaper and
   easier to subvert people than technology.)

How realistic an active attack is depends on what you call an active
attack. I have seen programs that permit me to have a TCP connection to
you and yet provide an arbitrary IP source address. I may not be able
to see your responses, but I can feed you a lot of data that you will
believe originated from the claimed IP address.

Now consider that all it takes is one bad guy to write the attacking
program, and any idiot can then make use of it. Also keep in mind that
regional network providers have been successfully broken into (one as
recently as last week) which is to say bad guys have obtained control
over assets that route and direct Internet traffic.

Don't worry about active attackers, plan on them!

                        -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

-----END PGP SIGNATURE-----
