--- Jeffrey Altman <jaltman(_at_)COLUMBIA(_dot_)EDU> wrote:
I have so many issues with this reply that I am only going to focus on
one.
Agreed. How do you expect the intruders will steal the tickets, without
being recipients of the ticket? Unless, you are assuming that the private
network is not trusted and that there are intruders within the private
network.
There is no such thing as a trusted network. One of the first things
you learn about security (having nothing to do with computer security)
is that most attacks occur from inside the organization. There is no
such thing as a trusted network.
I hear what you say. Thanks.
I have pointed you in directions you need to follow. Stating that the
a problem in one context is described in the described in another
context is not useful in this document. It is exactly because of this
approach that the document comes across sounding as if the problems
described are trivial and inconsequential.
Dont get me wrong. I was not suggesting that it suffices to point out
one end of the problem (ex: X-Windows Server redirection). I was merely
stating that the document covered one end, but failed to cover the other
end of the problem (i.e., Setting the DISPLAY variable from a Telnet
session, using an IP address).
Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2
The Kermit Project * Columbia University
612 West 115th St #716 * New York, NY * 10025
http://www.kermit-project.org/k95.html *
kermit-support(_at_)kermit-project(_dot_)org
cheers,
suresh
=====
__________________________________________________
Do You Yahoo!?
Send online invitations with Yahoo! Invites.
http://invites.yahoo.com