Re: idea for improving security
Hi
On Tue, May 06, 2003 at 10:05:49PM -0400, Robert B Wilson wrote:
> On Tue, 06 May 2003 20:13:41 +0000 Deger Cenk Erdil
> <erdil@cs.binghamton.edu> writes:
> > But, if I can intercept your "trigger sequence messages" as an
> > attacker
> > on your subnet, or even on the Net, I can replicate the same
> > sequence
> > quite easily!
> what if the trigger sequence changed each time? then if someone
> intercepted the trigger sequence, it wouldn't do them any good, unless
> they collected enough trigger sequences to be able to determine the
> next
> one, but that would take a lot of work...
This is already implemented and is called "One time passwords"
Why the heck would you want to do that on osi layers 3/4 instead of the
application?
And it would be hard to implement.. changing one flag per IP packet sent
or what? In a random non guessable order? Hard work... useless IMO
MfG/Regards, Alexander
--
Alexander Reelsen http://tretmine.org
ref@tretmine.org
Reply to: