Re: Security

Eric Ochoa [NOL Staff] (cwizard@nol.net)
Thu, 27 Nov 1997 12:43:58 -0600 (CST)


On Wed, 26 Nov 1997, Robert Hsiung wrote:

> Oh, so routers are computers, too, not just gadgets that send traffic this
> way and that...

That's loosely accurate, a computer such as NT or *nix can be configured
to route packets.. but most other routers like Ascend products and Cisco
can be telnetted to for remote configuration, in full debug mode on an
Ascend unit you can sniff everything going through it (although its all
hex)

> >CU-SeeMe doesn't use PGP-encrypted data...
>
> So doing so would be possible? That sounds like it would increase the level
> of security...

Actually that sounds rather rediculous to me.

> >Someone who knew a bit more about the internet would realize the packets
> >are all going through pretty much the same routers regardless of the final
> >destination..be it another individual's IP, or the IP of a reflector.

It depends largely on the backbone network from one point to another..
traffic to a site on a sprint backbone will rarely see MCI routers, etc.
Play around with traceroute (tracert in windows).

> 4) It wouldn't have to be in real time to be a security problem.

True, I can capture and save sniffing sessions.

> 5) The snoop might only care about the audio. Or only the video. So he or
> she wouldn't need to duplicate everything CUSM does. And what about the
> chat? That, presumably, is just sent as text?

Well, it will get everything.. every packet of information sent across the
network the sniffer is sitting on (mind you, this is ONLY the traffic
coming across the network local to the sniffer). The chat may or may not
be sent across as plaintext..

> >All of this also assumes the hacker has both IP addresses as well as the
> >time you're sending/receiving. If nothing else, simply using a dynamic IP
> >address bypasses that problem. CU is as secure as possible I believe...
> >
> >If security is a big issue, perhaps you can bypass the Internet altogther
> >and use CU by directly dialing the other person.

If you mean IP to IP you are still going across the internet, otherwise
you would have to establish some sort of TCP/IP connection point to point
via modem (PPTP/VPN).

> Would they really need both IP addresses? Wouldn't knowing just mine (for
> example) be enough? Mine isn't exactly top secret...

They don't need anything really.. although the source/destination IP's
help, it all depends on whether or not the traffic is floating across the
network they are sniffing.

> Calling them directly wouldn't be such a great option for the same reason,
> but I didn't know that was even possible. Can I just dial someone else's
> number and connect directly?

See "Virtual Private Networking"

o Eric Ochoa ............................... Phone [713] 467-7100 .o.
.o Networks On-Line ......................... Pager [713] 268-9177 .o.
.o 10497 Town & Country Way #460 ............ Email erico@nol.net .o.
.o Houston TX 77024 ............................................... o.