Re: DARPA, NAI, and Munchkins

Kragen Sitaker (kragen@pobox.com)
Sun, 20 Dec 1998 10:33:34 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tim Byars: "Fwd: FCC Mulls Wider Commercial Use of Radical Radio Technology"
Previous message: Joseph S. Barrera III: "Clinton's approval rating rises after impeachment"
In reply to: Keith Dawson: "DARPA, NAI, and Munchkins"
Next in thread: Ron Resnick: "Re: DARPA, NAI, and Munchkins"

On Sun, 20 Dec 1998, Keith Dawson wrote:
> The active security concept involves having different components of
> security technology work together, she explained. For instance, if an
> intrusion detection system notices a security breach, it could send a
> message to the firewall which could then shut down the gateway, log the
> event and notify the console operator, Benzel said.

There are systems that do this already. They open a host of new
security problems on today's Internet -- it is usually possible to fool
the IDS into (a) detection of fake intrusions and (b) not detecting
real intrusions. (a) can result in denial of service to legitimate
users and services; many security mechanisms in use today can be made
to break down under these circumstances.

There's a paper on insertion and evasion attacks (which explains (b))
that was posted to BUGTRAQ some months ago. (a) can be as simple as
spoofing packets.

Not that I've *done* any of this, mind you.

-- 
<kragen@pobox.com>       Kragen Sitaker     <http://www.pobox.com/~kragen/>
"Why are you withholding me?" -- name withheld  "Oh... And dig this:  I
am a fish.  'Nuff said." -- Joe Blaylock (no further explanation)
These are the denizens of the CLUG mailing list.  Their five-year mission:

Next message: Tim Byars: "Fwd: FCC Mulls Wider Commercial Use of Radical Radio Technology"
Previous message: Joseph S. Barrera III: "Clinton's approval rating rises after impeachment"
In reply to: Keith Dawson: "DARPA, NAI, and Munchkins"
Next in thread: Ron Resnick: "Re: DARPA, NAI, and Munchkins"