[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: swIPe available for FTP.
At 9:57 6/15/94 -0400, smb@research.att.com wrote:
>The second problem is the lack of filtering on input. That is, you
>may have a key -- which guarantees authenticity -- between you and
>some host Foo. But no check is made to ensure that packets from Foo
>are properly encrypted. This means that you can't trust a received
>packet; you only know that genuine packets haven't been tampered with.
The approach we have been considering is to combine the IP security
protocol (swIPe, IPSP, etc.) with the packet filtering/screening code so
that we can establish security policy through the filter/screening rules.
Brian Lloyd, President Lloyd Internetworking
brian@lloyd.com 3031 Alhambra Drive
(916) 676-1147 - voice Suite 102
(916) 676-3442 - fax Cameron Park, CA 95682