torek@elf.ee.lbl.gov (Chris Torek) (05/15/91)
In article <1991May13.220731.2415@watson.ibm.com> metzger@watson.ibm.com (Perry E. Metzger) writes: >Not to contradict Chris, who knows a whole lot more than I can ever >hope to, but... (I would not say that... but :-) ) >1) Fiber is hard to tap. Well, not that hard, but harder than cable. It depends on whether you want to inject your own data, or merely snoop. To snoop, you just shave off the black outer jacket, bend the cable a bit, and use a little device that is likely to be an off- the-shelf item soon, if it is not already. To inject new data you generally must cut the cable (this is easily detected). (There are probably injection techniques using higher-power lasers that do not involve splicing in your own hardware.) >2) You CANT record and play back tickets! Others will know better than I, but tickets were good for at least several minutes, which is long enough to do serious damage if you are truly bent on destruction. Ticket time stamps can be no finer than the maximum offset between machine clocks, and at least as of the documents I read, this was set to something like 5 minutes. >... PLUS it would probably not work anyway if the service is >keeping track of request id's, or so I recall. This would certainly help out (I remember nothing about request IDs, but I assume they are also encrypted). -- In-Real-Life: Chris Torek, Lawrence Berkeley Lab CSE/EE (+1 415 486 5427) Berkeley, CA Domain: torek@ee.lbl.gov