Morris Tech Report
Doug Gwyn
gwyn at smoke.BRL.MIL
Mon Nov 14 19:11:18 AEST 1988
In article <8419 at alice.UUCP> dmr at alice.UUCP writes:
>Those interested in earlier works of Robert T. Morris,
>or interested in network security in general, might wish
>to read AT&T Bell Laboratories CSTR #117, "A Weakness in the
>4.2BSD Unix TCP/IP Software," by Robert T. Morris,
>dated Feb. 25, 1985. ...
I also recommend this CSTR. By the way, I don't know why the CSTRs
are still being made available for free but I'm thankful that they
are. Many of them are very good, and they offer one of the few ways
of obtaining some insight into what the Bell Labs computer scientists
are up to.
Our local Internet gurus tell me that the spoofing weakness
described in that CSTR is currently harder to exploit, but not
impossible. Also an Ethernet seems to be rife with possibilities..
If things get bad enough we may have to resort to end-to-end
encryption all the time. What a drag.
More information about the Comp.unix.wizards
mailing list