Usenet Security

Alan J Rosenthal flaps at csri.toronto.edu
Tue Feb 23 08:52:56 AEST 1988


In article <7311 at brl-smoke.ARPA> gwyn at brl.arpa (Doug Gwyn) writes:
>One way to not lose an appreciable degree of security due to modem
>access (assuming telephone line tapping is ruled out) is to have
>the system check an incoming user ID against an internal list and
>call back the phone number contained in the internal list to
>establish the real working connection.

Doesn't this just put the shoe on the other foot?  If you call the
other system back, you have to prove that it's you calling back.

In other words, I'm saying that it seems to me that this could work
only between a secure system and a not-so-secure system.  Two systems
cannot both use this strategy to talk to each other.

ajr
-- 
If you had eternal life, would you be able to say all the integers?



More information about the Comp.unix.wizards mailing list