Re: Static IP addresses for Dial-up
At 02:19 AM 1/30/96 +1100, Robert Elz wrote:
You're expecting me to obtain one of those things for my system at home? And assuming that password type capable access protection is the only kind of protection I care about.
Well, not exactly. I was thinking along the lines of something a little larger than 'home' access. :-)
Lets be a little reasonable please - access filters aren't dead yet (I would like to see them vanish, and I would hope that one day that might happen, today isn't that day).
I will believe this has happened when cisco no longer support packet filtering in their routers.
kre
My point was that filtering on source addresses is not exactly the most secure method of access control. - paul
Date: Mon, 29 Jan 1996 12:48:00 -0500 From: Paul Ferguson <pferguso@cisco.com> Message-ID: <199601291747.JAA15611@lint.cisco.com> You clearly didn't read the message I sent that you replied to... Well, not exactly. I was thinking along the lines of something a little larger than 'home' access. :-) The issue I mentioned was my brother, with a static IP address from Demon for his one system at home, which connects via dial up, connecting to my one system at home, which is also dial up (right now), though basically a permanent connection. My point was that filtering on source addresses is not exactly the most secure method of access control. Again, you didn't read my message - I know that source address filtering is even less secure than other filtering. However the source address in one packet is the destination address in another - and I can filter on that destination address... I also know that there are attacks that can be made without requiring return packets at all - those I have to deal with in other ways (smart card password schemes most certainly aren't it) regardless of what kind of address (statically assigned, or dynamically assigned) my brother gets. kre
participants (2)
-
Paul Ferguson
-
Robert Elz