From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 24 Jan 1996 05:22:28 +0800
To: Frank Willoughby <frankw@in.net>
Subject: Re: IPSEC == end of firewalls
In-Reply-To: <9601231947.AA20689@su1.in.net>
Message-ID: <199601232001.PAA10960@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Frank Willoughby writes:
> At 10:30 AM 1/23/96 -0500, perry@piermont.com allegedly wrote:
> >Frank Willoughby writes:
> >> While IP level security & authentication will go a long way to help 
> >> prevent abuses and reduce unauthorized accesses, I doubt if it will
> >> provide enough protection by itself.
> >
> >I agree with this, but...
> >
> >> o Node Spoofing will probably still be possible
> >
> >Nope. It won't.
> 
> I disagree.  I haven't met a system that couldn't somehow be gotten around.

Yes, certainly. You can bribe someone, get physical access to
machines, etc.

However, unless you know a way to crack RSA, it is unlikely that
a system using Photuris+IPsec will permit IP spoofing.

> The creativity of hackers is succeeded only by their motivation and
> ability to put many hours into trying to solve a problem.  Including
> the word "probably" was deliberate.  Kerberos was also thought to be
> secure - 'til it was compromised.

Kerberos was compromised? When? By whom? Are you talking about
Bellovin's paper on weaknesses in Kerberos (most of which are
avoidable or fixed in K5), or are you talking about a real break? If
the latter, its the first that I've heard of it.

> >> I suspect even when firewalls are embedded in the O/S,
> >
> >That would be somewhat meaningless. The point of a firewall, as others
> >here have noted, is that it is easier to secure one machine than five
> >hundred or ten thousand.
> 
> I disagree here also.  Systems by themselves are fairly useless.
> Their power (and main vulnerability) comes from their ability to
> network with other systems.  A system connected to a network is
> vulnerable.  The fact that a corporate firewall protects the system
> from the Internet in no way decreases the vulnerability of that
> system (and other systems) from *internal* attacks which can be as
> devastating as an Internet attack.
> 
> Including firewall capabilities as part of the Operating System's network
> applications would help the system protect itself from abuses from the 
> Internet - as well as from internal.

These last two paragraphs are gibberish.

You can't "firewall" every machine -- the act is meaningless. A
Firewall is a filter designed to protect you from bugs in the setup or
implementation of the software on the machines on the inside. What
would it mean for a machine to have "firewall software" in the
operating system? Systems already attempt to prevent unauthorized
access -- the reason you have firewalls is because that software is
sometimes buggy. "Firewall software" in the OS is a meaningless
concept.

Perry