Re: IPv6, IPSEC and DoS

• Previous message: Shrimp Daddy: "code, Shrimp Daddy has invited you to open a Google mail account"
• In reply to: Rob Thomas: "Re: IPv6, IPSEC and DoS"
• Next in thread: (no name): "Re: IPv6, IPSEC and DoS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On 1-jan-05, at 22:20, Rob Thomas wrote:

> ] But as long as people get to snif your packets, you're dead in the
> ] water unless you use IPsec.

> The same is often said about SSL for web transactions. This is
> why keystroke loggers are so popular in bots and other malware.
> The point is that folks shouldn't assume that encrypted packets
> keep them safe. Encryption != security.

Well, then use IPsec between your keyboard and the host. :-)

And IPsec != encryption.

Obviously there are many ways to be insecure even if you use IPsec, but
my point is that if someone can snif your packets, they always get to
break your sessions unless you use IPsec (or TCP MD5). Even SSL doesn't
do you any good since it sits on top of TCP which leaves TCP
vulnerable. SSL however will make sure that IF your session stays up
whatever data makes it through hasn't been modified and even if
sniffed, the clear text isn't available to others.

• Previous message: Shrimp Daddy: "code, Shrimp Daddy has invited you to open a Google mail account"
• In reply to: Rob Thomas: "Re: IPv6, IPSEC and DoS"
• Next in thread: (no name): "Re: IPv6, IPSEC and DoS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]