Re: idea for improving security

To: debian-security@lists.debian.org
Subject: Re: idea for improving security
From: Alexander Reelsen <ref@tretmine.org>
Date: Wed, 7 May 2003 12:48:45 +0200
Message-id: <20030507104845.GA9627@tretmine.org>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <20030506.220649.-3553167.3.han_solo55@juno.com>
References: <20030506.220649.-3553167.3.han_solo55@juno.com>

Hi

On Tue, May 06, 2003 at 10:05:49PM -0400, Robert B Wilson wrote:
> On Tue, 06 May 2003 20:13:41 +0000 Deger Cenk Erdil
> <erdil@cs.binghamton.edu> writes:
> > But, if I can intercept your "trigger sequence messages" as an 
> > attacker 
> > on your subnet, or even on the Net, I can replicate the same 
> > sequence 
> > quite easily!
> what if the trigger sequence changed each time?  then if someone
> intercepted the trigger sequence, it wouldn't do them any good, unless
> they collected enough trigger sequences to be able to determine the
> next
> one, but that would take a lot of work...
This is already implemented and is called "One time passwords"

Why the heck would you want to do that on osi layers 3/4 instead of the
application?

And it would be hard to implement.. changing one flag per IP packet sent
or what? In a random non guessable order? Hard work... useless IMO


MfG/Regards, Alexander

-- 
Alexander Reelsen   http://tretmine.org
ref@tretmine.org

Reply to:

References:
- Re: idea for improving security
  - From: Robert B Wilson <han_solo55@juno.com>

Prev by Date: Re: idea for improving security
Next by Date: Re: idea for improving security
Previous by thread: Re: idea for improving security
Next by thread: Re: idea for improving security
Index(es):
- Date
- Thread