The only thing I would add to this the concept that hijacking sessions on a
cable system and the PSTN are equally as difficult or in some cases as easy.
Most man in the middle attacks have never really occurred in the "middle"
they happen at the edges of the communication. So security issues have not
changed in terms of the end user because our networks are now in some cases
are broadband. Hackers now cannot jack with just a phone handset and a
sniffer, they need mods and demods and understanding of RF. Also keep in
mind the recent MCNS standard which covers interoperable cable modems
defines the use of strong encryption from the end user to the SP. So you
might the argument that the cable technology is much more secure than
traditional point to point links. In addition many cable organizations are
combining VPNs with broadband to insure strong encryption and authentication
from end to end.
Regards
Robert Dolliver
Educational Services
Nortel Networks
1 Federal St.
Billerica Ma
PGP users my key server is located at:
pgpkeys.mit.edu
my key hash is:
71DD 037B AE30 C046 9D3B 795B D9CB 248D 44F0 1895
> -----Original Message-----
> From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, October 14, 1999 4:31 PM
> To: Mullen, Patrick; [EMAIL PROTECTED]
> Subject: RE: Unknown internet traffic
>
>
>
> But think about all of those lusers that keep their credit card info in
> Quicken
> or in Notepad. There is all sorts of nifty information that you can pull
> off of
> a home users computer. I do agree that education is the best idea. Cable
> companies or even ISPs shouldn't be responsible for firewalls between the
> user
> and the net. There is too much involved. But they can put tabs on ICMP
> and
> such.
>
>
>
>
> "Mullen, Patrick" <[EMAIL PROTECTED]> on 10/14/99 12:34:00 PM
>
> To: "'Ron DuFresne'" <[EMAIL PROTECTED]>, Kevin Johnston
> <[EMAIL PROTECTED]>
> cc: "Sweeney, Patrick" <[EMAIL PROTECTED]>, "'The Firewalls List'"
> <[EMAIL PROTECTED]> (bcc: Rob Walker/SV/AUS/HARCOURT)
>
> Subject: RE: Unknown internet traffic
>
>
>
>
> Just to add my $0.02, which if I'm lucky is worth half
> that, the cable companies are wise to not put a firewall
> between you and the net. Once they have done that, they
> are legally responsible for your safety, and they also
> don't have to run tech support when the latest streaming
> application doesn't work or you're trying to open up a
> non-standard port for some network project for school or
> anything else. Unlike a corporate environment, they
> can't block out all but their approved services.
>
> What would be better is if they did a better job of
> educating people on securing their own systems and
> made people aware such activities were necessary.
>
> Unfortunately, most users don't understand the need,
> the concept, or the techniques, and would rather just
> ignore the issue. On the plus side, unless you download
> a trojan, the only vulnerability most Windows users
> have is the plethora of DoS attacks out there. Since
> Windows users are used to having to reboot constantly
> they probably wouldn't even notice the attack.
>
>
> ~Patrick
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
>
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
