Date: Tue, 07 Sep 1999 19:19:14 -0700 From: The Mad Scientist <madscientist@thegrid.net> To: dmp@aracnet.com, ks@itp.ac.ru Cc: freebsd-security@FreeBSD.ORG Subject: Re: Layer 2 ethernet encryption? Message-ID: <4.1.19990907190442.0096ada0@mail.thegrid.net> In-Reply-To: <37D4BCC2.34AFAE9D@aracnet.com> References: <XFMail.990907105629.ks@osi.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:20 AM 9/7/99 -0700, dmp@aracnet.com wrote: >"Sergey S. Kosyakov" wrote: >> On 07-Sep-99 dmp@aracnet.com wrote: >>> "Sergey S. Kosyakov" wrote: >>>> On 07-Sep-99 dmp@aracnet.com wrote: <yadda yadda yadda> >I have two problems. The first is that EM emissions on UTP allows >one to monitor all traffic on that cable. The second is that a >sniffer run on an authorized machine will be able to see the source >and destination IP and port of all IP traffic on it's segment. > >I want to fix both problems. Encrypting everything above layer 2 >does this. The only determinable aspects of the packets would be >the source and destination MAC addresses, relatively sufficient >security given the security policy and topology of the network in >question. I do not claim to understand driver writing, but what about ripping out the code that puts the NIC into promiscous mode? You would have to modify the code that allows the driver to change its MAC address, probably. But if you have good network monitors, you should be able to detect a machine that is pretending to be someone else pretty quickly. It's not encryption, but if you're blind, you can't read the written word. It doesn't solve your EM problems either. 'Course, I guess any user with half a brain could go out and get the original driver and put it in place -- this being an open source solution. So, I guess it's not such a good idea after all. I'll send this anyway, in case it starts people thinking. Please redirect flames to /dev/null. Dean To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19990907190442.0096ada0>