Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Static IP addresses for Dial-up

  • From: Paul Ferguson
  • Date: Mon Jan 29 14:46:01 1996

At 05:18 PM 1/29/96 +0100, Piet Beertema wrote:

>    I can certainly understand the need for access control & security,
>    but with the use of a smart-card one-time password system, this is
>    a moot point. 

>Huh? How are you going to stop a system from "illegally"
>(in the sense of the provider, contracts, or whatever)
>acting as -say- www, ftp, or whatever server with such
>a one-time password system? You'll need access control
>*based on IP addresses* to reach that goal!
>
>

No, no, no. The concept of access-filtering based on source address is
easily spoofed, where the OTP password systems that I'm referring to 
are based on a concept of authentication-based access, which is much more 
reliable than a [possibly fake] source address.

This is not a new concept.

- paul






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.