From owner-freebsd-hackers Thu Oct 5 23:18:37 1995
Return-Path: owner-hackers
Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id XAA13323 for hackers-outgoing; Thu, 5 Oct 1995 23:18:37 -0700
Received: from hemi.com (hemi.com [204.132.158.10]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id XAA13315 for ; Thu, 5 Oct 1995 23:18:34 -0700
Received: (from mbarkah@localhost) by hemi.com (8.6.11/8.6.9) id AAA02872; Fri, 6 Oct 1995 00:22:34 -0600
From: Ade Barkah
Message-Id: <199510060622.AAA02872@hemi.com>
Subject: Re: Fiskars UPS support...
To: chuckr@eng.umd.edu (Chuck Robey)
Date: Fri, 6 Oct 1995 00:22:33 -0600 (MDT)
Cc: freebsd-hackers@freebsd.org
In-Reply-To: from "Chuck Robey" at Oct 5, 95 11:14:46 pm
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Content-Length: 1408
Sender: owner-hackers@freebsd.org
Precedence: bulk

> I don't find 'privileged ports' in my trusty O'Reilly TCP/IP book, could
> you give me a reference?

It refers to port numbers below 1024. In Unix systems, only the
super-user can bind a socket to listen to ports < 1024. It is an
"extra" bit of security, but easily defeated if someone has root
privileges or runs a non-Unix operating system on the wire.

> I just don't see, right now, what would stop someone with a packet
> sniffer, finding how I communicate, then spoofing the remote.

Authentication is always a problem when dealing with client-server
programs. You need to devise a way for the programs to authenticate
themselves, perhaps by using encryption methods. Popular protocols
use "challenge passwords" to verify that each end is properly
authorized.

A simple scheme is to have a specific "shutdown password" that is
only sent when a shutdown is necessary, and changes each time the
system is shut down. This scheme defeats packet sniffing since
1) the password is not normally sent for simple status checks and
2) when it is sent, it is immediately changed.

Of course, if someone is packet sniffing your internal organization's
wire, you have bigger problems.

-Ade Barkah
--------------------------------------------------------------------
Inet: mbarkah@hemi.com - HEMISPHERE ONLINE - www:
--------------------------------------------------------------------
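
Added example (not part of the original message, and not code from any UPS software discussed in the thread): a sketch of the "shutdown password" scheme described above, showing that a password captured from the wire is refused when it is sent again. The class names, the message format and the HMAC-with-counter derivation of the next password are assumptions; the message does not say how the password is changed.

```python
import hashlib
import hmac

def shutdown_password(secret: bytes, counter: int) -> str:
    # Assumed derivation: the message only says the password changes after each use.
    msg = b"shutdown:" + counter.to_bytes(8, "big")
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()

class UpsAgent:
    """Protected host: answers status checks, shuts down only for the current password."""
    def __init__(self, secret: bytes):
        self._secret, self._counter = secret, 0

    def handle(self, request: str) -> str:
        verb, _, arg = request.partition(" ")
        if verb == "STATUS":
            return "OK"  # routine checks carry no password
        if verb != "SHUTDOWN":
            return "ERROR"
        expected = shutdown_password(self._secret, self._counter)
        if not hmac.compare_digest(arg.encode(), expected.encode()):
            return "DENIED"
        self._counter += 1  # the accepted password is retired immediately
        return "SHUTTING DOWN"

class UpsMonitor:
    """Host attached to the UPS: sends the password only when a shutdown is needed."""
    def __init__(self, secret: bytes):
        self._secret, self._counter = secret, 0

    def shutdown_request(self) -> str:
        return "SHUTDOWN " + shutdown_password(self._secret, self._counter)

    def acknowledge(self, reply: str) -> None:
        if reply == "SHUTTING DOWN":  # advance only once the agent accepted it
            self._counter += 1

def demo():
    secret = b"constructed-demo-secret"  # constructed sample value
    agent, monitor = UpsAgent(secret), UpsMonitor(secret)
    status = agent.handle("STATUS")
    captured = monitor.shutdown_request()  # what a sniffer on the wire would see
    first = agent.handle(captured)
    monitor.acknowledge(first)
    replay = agent.handle(captured)  # sniffed message sent again later
    second = agent.handle(monitor.shutdown_request())
    return status, first, replay, second

if __name__ == "__main__":
    print(demo())
```

The monitor advances its counter only after the agent confirms the shutdown, so a lost request does not leave the two ends expecting different passwords.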