[809] in bugtraq


Re: Re: Router filtering not enough! (Was: Re: CERT advisory )

daemon@ATHENA.MIT.EDU (Jonathan M. Bresler)
Fri Jan 27 11:35:16 1995

Date: Fri, 27 Jan 1995 08:34:58 -0500 (EST)
From: "Jonathan M. Bresler" <jmb@kryten.Atinc.COM>
To: Pete Hartman <pwh@bradley.bradley.edu>
Cc: bugtraq@fc.net, "Jonathan M. Bresler" <jmb@kryten.Atinc.COM>
In-Reply-To: <9501270421.AA17838@bradley.bradley.edu>

On Thu, 26 Jan 1995, Pete Hartman wrote:

> >But in real life, the spoofing machine would never be requested to respond
> >to arp anyway, because in real life the spoofer should be on the other side
> >of your firewall router.  If the spoofer and spoofee are on the same
> >ethernet then there are serious internal problems that go beyond the scope of
> >firewalls!!
> 
> But such problems are the stock-in-trade of those of us at Universities.

	absolutely!  take that 386sx junker in the corner, slap two 
ethernet cards in it and run drawbridge from TAMU, or a stripped/hacked 
down version of FreeBSD.   establish a perimeter based upon subnets, a list
of host addresses, anything.  

	hell, they can just snoop the wire and pick off your passwords as 
they fly by.

	lots and lots of other problems.  establish a perimeter.
jmb

Jonathan M. Bresler  jmb@kryten.atinc.com	| Analysis & Technology, Inc.  
						| 2341 Jeff Davis Hwy
play go.					| Arlington, VA 22202
ride bike. hack FreeBSD.--ah the good life	| 703-418-2800 x346

