[7113] in Kerberos
Re: Dial-In Servers and Kerberos
daemon@ATHENA.MIT.EDU (Art Houle)
Wed Apr 17 16:30:19 1996
Date: Wed, 17 Apr 1996 16:14:12 -0400 (EDT)
From: Art Houle <houle@acns.fsu.edu>
To: "HARRY R. ERWIN" <herwin@osf1.gmu.edu>
Cc: Darren Reed <darrenr@cyber.com.au>, kerberos@MIT.EDU
In-Reply-To: <Pine.OSF.3.91.960417122743.4360B-100000@mason2.gmu.edu>
On Wed, 17 Apr 1996, HARRY R. ERWIN wrote:
> > It is, however, relatively easy to do kerberos over the a tty dialin, all
> > you need to do is work out how your dialin `thing' is going to send
> > Kerberos `packets' to your KDC.
> >
>
> I know unencrypted dial-up access to a kerberized system means I'm already
> damned.
To steal info from someone elses dialup session, you need to tap the
wires at the user premises, at the central office, at the answering
equipment, or off the cables and none of these are easily avaiable.
Then you need to de-modulate the stream of tones with a pair of compatible
modems that has been hacked at the system-ROM level by someone with
knowledge of internal modem design. Far easier to bribe someone for the
information than find a team of talented technical conspirators.
So it goes. Unfortunately, I've been given OpenVision Kerberos 5
> running on a SPARC 5 and a second SPARC 5 running Solaris 2.4/5 and a 3Com
> Access Control Server, and told to work it out. The 3Com stuff works with
> OSF DCE and needs an HP server to do that.
>
> Harry Erwin, Internet: herwin@gmu.edu, Web Page: http://osf1.gmu.edu/~herwin
> PhD student in computational neurosci and lecturer for CS 211 (advanced C++)
>
>
Art Houle e-mail: houle@acns.fsu.edu
Academic Computing & Network Services Voice: 644-2591
Florida State University FAX: 644-8722
