1994-03-02 - Re: low-overhead encrypted telnet
Header Data
From: “Perry E. Metzger” <pmetzger@lehman.com>
To: smb@research.att.com
Message Hash: 1a9e7ddc5fa4e78e9d9667ecc81dd401e71f7099855aabecb50a4597a40222fd
Message ID: <9403021654.AA21811@andria.lehman.com>
Reply To: <9403021646.AA21038@toad.com>
UTC Datetime: 1994-03-02 16:55:09 UTC
Raw Date: Wed, 2 Mar 94 08:55:09 PST
Raw message
From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Wed, 2 Mar 94 08:55:09 PST
To: smb@research.att.com
Subject: Re: low-overhead encrypted telnet
In-Reply-To: <9403021646.AA21038@toad.com>
Message-ID: <9403021654.AA21811@andria.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain
smb@research.att.com says:
> Although running an encrypted IP stack does require sysadmin
> cooperation, it does not require a kernel rebuild -- John Ioannidis
> has built modloadable versions of most of the swIPe software.
>
> Assuming, of course, that you're running a system that has modload.
> (Ironically, CERT has recommended that you delete loadable device drivers
> from systems that don't need them, as a way to guard against password-
> sniffers.)
A short sighted view. You can't stop line monitoring -- you should
defend against it with encryption instead. In an environment like
mine, there are literally thousands of potential line monitoring
points that I cannot defend, but encryption gives me real security.
Perry
Thread
Return to March 1994
- Return to “Jim McCoy <mccoy@ccwf.cc.utexas.edu>”
- Return to ““Perry E. Metzger” <pmetzger@lehman.com>”
Return to “smb@research.att.com”
- 1994-03-02 (Wed, 2 Mar 94 08:46:23 PST) - Re: low-overhead encrypted telnet - smb@research.att.com
- 1994-03-02 (Wed, 2 Mar 94 08:55:09 PST) - Re: low-overhead encrypted telnet - “Perry E. Metzger” <pmetzger@lehman.com>
- 1994-03-02 (Wed, 2 Mar 94 09:46:04 PST) - Re: low-overhead encrypted telnet - Jim McCoy <mccoy@ccwf.cc.utexas.edu>