[842] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Would an encrypted tunnel solve the SeqNo guessing attack?

daemon@ATHENA.MIT.EDU (smb@research.att.com)
Mon Jan 30 15:21:37 1995

From: smb@research.att.com
To: bet@std.sbi.com (Bennett Todd)
Cc: bugtraq@fc.net (Bugtraq mailing list)
Date: Mon, 30 Jan 95 12:09:54 EST

> I'm not keen on the idea of people grabbing my telnet session away from me
> and making free with it. I'm resigned to the notion that they can steal
> it; I'd like to make it useless to them once they've got it.
> 
> Suppose I took term (a multiplexing, compressing, error-correcting serial
> tunnel program) and added encryption, and rigged that to be my login shell.
> I'd log in to the computer, and after my S/Key prompt it'd fire up an
> encrypted term. I don't see any way some could burgle in through that.
> 
> Have I missed something fundamental here? Or would this work?

Encrypting will defeat the attack; however, different methods of
encrypting will have different properties. 

If you encrypt at application level, above TCP, someone who tries
to inject garbage will perpetrate a denial of service attack on you.
If you encrypt below TCP, garbage will be rejected, and the normal
TCP retransmission mechanisms will recover.

home help back first fref pref prev next nref lref last post