On Tue, May 23, 2006 at 04:20:58PM +0200, Uwe Hermann wrote:
> On Tue, May 23, 2006 at 09:53:05AM +0200, LeVA wrote:
> > But if one can spoof 127.0.0.1, then one can spoof anything else, so creating
> > any rule with an ip address matching is useless.
> Correct. IP-based authentication is inherently flawed. If you want something
> like that, use strong cryptography to verify the sender/receiver
> (think certificates, SSL, etc.).
No, it's not inherently flawed for loopback addresses on the loopback
interface. There are valid reasons to want a different set of rules on
the local host than on the network. (E.g., want to be able to test
without the complexity of an encryption layer, don't want overhead of
encrypting both sides of a local connection, etc.) Aside from that,
yeah, ip addresses shouldn't be used for authentication on untrusted
networks. (Though they are useful as one layer of security, to mitigate
the risk of vulnerabilities in the encryption routines.)
Mike Stone
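A small check, added here as an example that is not part of the thread, of the point made in the reply above: a loopback source address is only plausible on the loopback interface, so a packet carrying a 127.0.0.0/8 source that arrives on a network interface is spoofed and belongs in a drop rule keyed on the interface, ahead of any address-based rule. The log lines and interface names are constructed for the example.

```python
"""Classify packets by whether a loopback source is plausible on the
interface it arrived on. In iptables terms this is the pair
  -A INPUT -i lo -s 127.0.0.0/8 -j ACCEPT
  -A INPUT ! -i lo -s 127.0.0.0/8 -j DROP
placed before any rule that trusts a loopback address."""
import ipaddress
import re

LOOPBACK_NET = ipaddress.ip_network("127.0.0.0/8")
LOOPBACK_IFACES = {"lo"}

# Constructed sample in the style of netfilter LOG output, not a real capture.
SAMPLE_LOG = """\
kernel: IN=lo OUT= SRC=127.0.0.1 DST=127.0.0.1 PROTO=TCP DPT=5432
kernel: IN=eth0 OUT= SRC=127.0.0.1 DST=192.0.2.10 PROTO=TCP DPT=5432
kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=22
kernel: IN=eth0 OUT= SRC=127.42.0.9 DST=192.0.2.10 PROTO=UDP DPT=53
"""

FIELD_RE = re.compile(r"\b(IN|SRC|DST|DPT)=(\S*)")


def parse_log_line(line):
    """Return the IN/SRC/DST/DPT fields of one netfilter-style log line."""
    return {key: value for key, value in FIELD_RE.findall(line)}


def verdict(iface, src):
    """'local'   : loopback source on the loopback interface (trusted case)
    'martian' : loopback source on a network interface, i.e. spoofed; drop it
    'network' : any other source, subject to the normal network rules"""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "invalid"
    if addr in LOOPBACK_NET:
        return "local" if iface in LOOPBACK_IFACES else "martian"
    return "network"


def classify_log(text):
    """Classify each log line; returns (iface, src, verdict) tuples."""
    results = []
    for line in text.splitlines():
        fields = parse_log_line(line)
        if "SRC" not in fields:
            continue  # not a packet log line
        iface = fields.get("IN", "")
        results.append((iface, fields["SRC"], verdict(iface, fields["SRC"])))
    return results


if __name__ == "__main__":
    for iface, src, v in classify_log(SAMPLE_LOG):
        print(f"{iface:5} {src:15} {v}")
```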