1995-01-27 - Re: CERT statement
Header Data
From: Marc Horowitz <marc@cam.ov.com>
To: perry@imsi.com
Message Hash: c1478c1b51a2a3951d12e43d243eab7f58e52e70eeb02bc9c766cb35613c874b
Message ID: <9501270011.AA07672@dun-dun-noodles.cam.ov.com>
Reply To: <9501270006.AA17831@snark.imsi.com>
UTC Datetime: 1995-01-27 00:09:05 UTC
Raw Date: Thu, 26 Jan 95 16:09:05 PST
Raw message
From: Marc Horowitz <marc@cam.ov.com>
Date: Thu, 26 Jan 95 16:09:05 PST
To: perry@imsi.com
Subject: Re: CERT statement
In-Reply-To: <9501270006.AA17831@snark.imsi.com>
Message-ID: <9501270011.AA07672@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain
>> Kerberos per se isn't sufficient to defend against session hijacking
>> attacks, you know. The situation in question is really insidious and
>> requires packet-by-packet cryptographic authentication.
No, but kerberos or something like it is necessary. And I think I can
safely say that anything which really defends against TCP sequence
spoofing or hijacking attacks will be more invasive and require more
effort than kerberos, not less.
Marc
Thread
Return to January 1995
- Return to ““Ian Farquhar” <ianf@sydney.sgi.com>”
- Return to “Marc Horowitz <marc@cam.ov.com>”
- Return to ““Perry E. Metzger” <perry@imsi.com>”
Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”
- 1995-01-26 (Thu, 26 Jan 95 13:39:44 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-27 (Thu, 26 Jan 95 16:07:07 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:09:05 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-27 (Thu, 26 Jan 95 16:23:19 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 10:50:35 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 10:53:30 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 11:09:38 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 11:32:12 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Fri, 27 Jan 95 11:09:38 PST) - Re: CERT statement - Thomas Grant Edwards <tedwards@src.umd.edu>
- 1995-01-27 (Fri, 27 Jan 95 10:53:30 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:09:05 PST) - Re: CERT statement - Marc Horowitz <marc@cam.ov.com>
- 1995-01-30 (Sun, 29 Jan 95 16:03:30 PST) - Re: CERT statement - “Ian Farquhar” <ianf@sydney.sgi.com>
- 1995-01-27 (Thu, 26 Jan 95 16:07:07 PST) - Re: CERT statement - “Perry E. Metzger” <perry@imsi.com>