cory@gloom.UUCP (Cory Kempf) (12/30/88)
In article <6943@spool.cs.wisc.edu> dave@cs.wisc.edu (Dave Cohrs) writes: >There are types of networking hardware that make it much easier >to detect when your workstation is rebooted (or whatever). Don't assume >that all the world's an Ethernet. You are in charge of security for a site consisting of several networked workstations... When you logged in this morning, you notice that Cindy's (one of the company's employees whith a workstation) machine went down last night at about 3:12 AM. Cindy is currently working on her machine. What are you going to do? (And are you really going to do this for each and every machine, every time it goes down?) (if it appears that I am about to try to lead you down the garden path, you may be right...) >Also, if I read Phil correctly, he's talking about having you, the >user, authenticate the workstation as *yours*. That is, you have to >go though some authentication protocol, giving your password, which >would give your workstation some cookie that said "this workstation >belongs to cory", [etc] The problem that I am going to be bringing to light (to the extent of my imaginings today) would not find the above to be a significant problem. >If being root on your workstation can spoof the authentication >mechanism, then it's pretty useless in the grand scheme of things. >Yes, rlogin is too trusting. I submit that any scheme that only requires the user to log into the host machine can be subverted by root on that machine. If it appears that I am being theatrical, ya, I am. I admit it. I am hoping to make a serious point on network security. A little under a year ago, I attended a seminar on Security given by the ACM. It was for the most part interesting, but they glossed over network security. Very disapointing. Especially, as a lot of the stuff that was discussed were things that I already knew. +C -- Cory ( "...Love is like Oxygen..." ) Kempf UUCP: encore.com!gloom!cory "...it's a mistake in the making." -KT