Unix security additions
Ken Seefried iii
ken at dali.gatech.edu
Tue Mar 12 04:01:16 AEST 1991
In article <1819 at svin02.info.win.tue.nl> rcpieter at info.win.tue.nl writes:
>PLS at cup.portal.com (Paul L Schauble) writes:
>
>>I'm curious: What do you think are the five most significant changes or
>>additions that have been made to Unix to improve its security?
>
>Which brings up the question of the largest still existing security
>leak: Why does UNIX still trust the network (ethernet in most cases)
>it is attached to? Nothing is simpler than plugging a PC into an
>ethernet (for instance using a PC at a publicly accessible place) and
>watch the packets go by. Five minutes waiting brings you a lot of
>passwords. When will internet packets start being encrypted?
>
A few things...
There has never been any substitue for physical security. No matter
what type of network you have (that I know of, that is), anyone with
physical access to the hardware can break into machines.
As far as packet encryption goes, I suppose it will be done when there
is enough spare cycles in all the cpus in the network or ethernet
boards are built with the hardware on board. In this day and age, a
trivial encryption algorithm is no protection.
--
ken seefried iii "A sneer, a snarl, a whip that
ken at dali.cc.gatech.edu stings...these are a few of
my favorite things..."
More information about the Comp.unix.internals
mailing list