Re: Fixed IP per port ?

Steven P. Crain (scrain@shore.net)
Fri, 13 Dec 1996 16:33:10 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 12 Dec 1996, Stephen Zedalis wrote:

> On Wed, 11 Dec 1996, Roy wrote:
>
> > Of course, there is a possible security hole if the port is
> > associated to the IP address. If user "A" gets disconnected with
> > open TCP connections, these can be stolen by user "B" dialing in
> > on the same port.
>
> No, probably not since the person would have to login with the same
> user id and password as the first to get the same ip and also have the same

No, that's the point. It is not necessary to log in with the same
username and password, just to hit the same port.

> tcp/ip applications running with the same local ports assigned. Ie. even
> though the person was connected to the well-known port on the server side,
> he would also have to duplicate the random user port on the client (his)
> side for the packets to be routed properly. Not impossible, but unlikely.
>
> This same potential security hole exists even if you don't assign addresses
> ala Livingston. Ie. If you knew the intended target's IP address and
> there was only one IP for each port, you could redial immediately and keep
> redialing until you got the right port/IP.

You are right that it isn't likely to happen by accident. However,
someone could easily hack a computer to intentionally steal any such
connections. The connection could not be stolen until a packet arrived
from the remote site. I bet it wouldn't take too many attempts to steal
an interesting connection if the hack ran everytime they called in and
they called in a couple times a day.

The program would basically have to listen for traffic that 1) Wasn't
asking to create a new connection and 2) Wasn't for a known connection.
One end or the other of the link would most likely be a common port,
indicating what protocol the hack program should expect.

- ----------------------------------------------------------------------------
Steven P. Crain scrain@shore.net http://www.shore.net/~scrain
Shore.Net Unix Development and Administration
An ISP with Excellence in the Greater Boston Area.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Finger me for a public key.

iQB1AwUBMrHLm40DAXSiDippAQEklgL+KpfauRX29KBkYGrVmcnygDphp/Lk/4lm
Ir7Ebmmx1l5YWloSpMCbUHVlFZJbCXr9g2rjExWDcIgdVx7Plicz9lSvYFEIsseM
nwkZH8Cbt+9ZDuAzBR2XJvckK9NMprin
=wTK1
-----END PGP SIGNATURE-----