Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 07 Sep 1999 19:19:14 -0700
From:      The Mad Scientist <madscientist@thegrid.net>
To:        dmp@aracnet.com, ks@itp.ac.ru
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: Layer 2 ethernet encryption?
Message-ID:  <4.1.19990907190442.0096ada0@mail.thegrid.net>
In-Reply-To: <37D4BCC2.34AFAE9D@aracnet.com>
References:  <XFMail.990907105629.ks@osi.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
At 12:20 AM 9/7/99 -0700, dmp@aracnet.com wrote:
>"Sergey S. Kosyakov" wrote:
>> On 07-Sep-99 dmp@aracnet.com wrote:
>>> "Sergey S. Kosyakov" wrote:
>>>> On 07-Sep-99 dmp@aracnet.com wrote:
<yadda yadda yadda>

>I have two problems.  The first is that EM emissions on UTP allows
>one to monitor all traffic on that cable.  The second is that a
>sniffer run on an authorized machine will be able to see the source
>and destination IP and port of all IP traffic on it's segment.
>
>I want to fix both problems.  Encrypting everything above layer 2
>does this.  The only determinable aspects of the packets would be
>the source and destination MAC addresses, relatively sufficient
>security given the security policy and topology of the network in
>question.

	I do not claim to understand driver writing, but what about ripping out
the code that puts the NIC into promiscous mode?  You would have to modify
the code that allows the driver to change its MAC address, probably.  But
if you have good network monitors, you should be able to detect a machine
that is pretending to be someone else pretty quickly.  It's not encryption,
but if you're blind, you can't read the written word.  It doesn't solve
your EM problems either.
	'Course, I guess any user with half a brain could go out and get the
original driver and put it in place -- this being an open source solution.
So, I guess it's not such a good idea after all.
	I'll send this anyway, in case it starts people thinking.  Please redirect
flames to /dev/null.
Dean






To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19990907190442.0096ada0>