[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: swIPe available for FTP.



At  9:57 6/15/94 -0400, smb@research.att.com wrote:
>The second problem is the lack of filtering on input.  That is, you
>may have a key -- which guarantees authenticity -- between you and
>some host Foo.  But no check is made to ensure that packets from Foo
>are properly encrypted.  This means that you can't trust a received
>packet; you only know that genuine packets haven't been tampered with.

The approach we have been considering is to combine the IP security
protocol (swIPe, IPSP, etc.) with the packet filtering/screening code so
that we can establish security policy through the filter/screening rules.


Brian Lloyd, President                         Lloyd Internetworking
brian@lloyd.com                                3031 Alhambra Drive
(916) 676-1147 - voice                         Suite 102
(916) 676-3442 - fax                           Cameron Park, CA  95682