Newsgroups: comp.unix.admin
Path: utzoo!utgpu!news-server.csri.toronto.edu!torsqnt!hybrid!scifi!watson!arnor!metzger
From: metzger@watson.ibm.com (Perry E. Metzger)
Subject: Re: Project Athena ( was Re: Non Destructive Version of rm)
Message-ID: <1991May13.220731.2415@watson.ibm.com>
Sender: news@watson.ibm.com (NNTP News Poster)
Nntp-Posting-Host: halley
Organization: IBM T.J. Watson Research Center
References: <12049@mentor.cc.purdue.edu> <1991May8.174603.26309@athena.mit.edu> <12067@mentor.cc.purdue.edu> <1991May9.001907.13024@athena.mit.edu> <12112@mentor.cc.purdue.edu> <13043@dog.ee.lbl.gov>
Distribution: na
Date: Mon, 13 May 1991 22:07:31 GMT

In article <13043@dog.ee.lbl.gov> torek@elf.ee.lbl.gov (Chris Torek) writes:
>The basic problem here is that the network itself is physically
>accessible as well, and such access can be nearly untraceable.  Your
>average Ethernet or fiber optic cable can be `wiretapped' without too
>much difficulty and with little chance of detection.  If this is done,
>sessions can be recorded and/or played back, and the `tapping' machine
>can stand in the stead of another, previously existing machine.

Not to contradict Chris, who knows a whole lot more than I can ever
hope to, but...

1) Fiber is hard to tap. Well, not that hard, but harder than cable.

and..

>The Athena security system provides a variable amount of defense
>against this sort of intrusion.  If you wiretap and collect someone's
>tickets, you can use playback methods to gain access for the duration
>of the ticket.

2) You CAN'T record and play back tickets! The tickets are sent back to
   the user via a secure channel (they are encrypted in the user's
   password!), and even if you see an instance of a ticket whizzing by
   on the network, you have only a couple of seconds to replay it as I
   recall, PLUS it would probably not work anyway if the service is
   keeping track of request IDs, or so I recall. The REAL risk is
   someone breaks into your workstation and grabs your tickets when
   they get stored on your local machine.

Perry
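
An added sketch, not part of the original post and not Athena's code, of the two service-side checks the reply mentions: a short freshness window and a record of request IDs already seen. The HMAC stands in for Kerberos's encrypted authenticator; the 5-second window, the field layout and all names are assumptions.

```python
import hashlib
import hmac

WINDOW = 5.0  # assumed freshness window in seconds (constructed value)


def make_authenticator(session_key: bytes, client: str, req_id: int, ts: float) -> dict:
    """Client side: bind client name, request id and timestamp under the session key."""
    body = f"{client}|{req_id}|{ts:.3f}".encode()
    return {"body": body, "tag": hmac.new(session_key, body, hashlib.sha256).hexdigest()}


class Service:
    """Service side: verify the tag, enforce the window, remember what was seen."""

    def __init__(self, session_key: bytes, window: float = WINDOW):
        self.key = session_key
        self.window = window
        self.seen = {}  # (client, req_id, ts) -> time after which the entry can be dropped

    def accept(self, auth: dict, now: float) -> str:
        expected = hmac.new(self.key, auth["body"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, auth["tag"]):
            return "reject: bad tag"      # a recorded message cannot be re-timestamped
        client, req_id, ts_text = auth["body"].decode().rsplit("|", 2)
        ts = float(ts_text)
        if abs(now - ts) > self.window:
            return "reject: stale"        # outside the freshness window
        # Entries only need to live as long as the window would still accept them.
        self.seen = {k: exp for k, exp in self.seen.items() if exp >= now}
        entry = (client, req_id, ts)
        if entry in self.seen:
            return "reject: replay"       # same request presented twice
        self.seen[entry] = ts + self.window
        return "accept"


def demo() -> list:
    key = b"constructed-session-key"      # constructed sample key
    svc = Service(key)
    auth = make_authenticator(key, "alice", 1, ts=1000.0)
    return [
        svc.accept(auth, now=1000.5),     # original request
        svc.accept(auth, now=1001.0),     # recorded copy, still inside the window
        svc.accept(auth, now=1010.0),     # recorded copy, after the window
    ]


if __name__ == "__main__":
    print(demo())
```

The cache only has to hold entries for as long as the window is open, which is why the two checks are used together: the window bounds the cache size, and the cache closes the gap the window leaves.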
