[openbeosnetteam] Re: what about attacks?

openbeosnetteam@xxxxxxxxxxxxx wrote on 16.03.02:
> Hello,
> I'm just a lurker on this list
Me too.

> is there such plan or are we too alpha to even think of it?
I think it's never too early to make suggestions. So that those
people doing the implementations have a range of ideas presented.
Not everything needs to be implemented at first, but keep them in mind.

I also have some suggestions. What I would like is a protection 
against all possible kinds of attacks. :-)

Attacks seem to be quite common in bigger LANs, and I would 
like to be able to use OpenBeOS even at a congress
like 18C3 http://www.ccc.de/congress/2001/index.en.html

There is an attack where an attacker assigns you a new IP using
ARP (or probably DHCP), to take over existing connections.
Please make sure that this won't happen. It should be possible
to implement that an ARP response that gets received is only
accepted during a short period after the request has been sent.
I don't know how DHCP works, but if the same is possible, please 
do it.

There are also attacks that depend on predicting TCP sequence 
numbers, if possible implement something to prevent these attacks.

Also a limiting of accepted connections per second/minute, or
concurrent connections would be nice, so that an attacker can't 
use this as an attack to make you run out of resources.
All these limits should be enabled by default, but please make
it possible to disable them using a configuration option, and
without restarting.


Another suggestion for the Preferences application. What I would like
is this:

- all configuration should be saved in text files, 
configuration changes done should be applied on request
(ifconfig --apply or whatever)

- and it should also be possible to change them using a shell tool.

For the GUI app:

- It should be possible to have different profiles,
"wireless", "home", "testing", ... 

- Three buttons "Revert", "Save", "Apply" (or similar, but no Restart) 
please no automatic changes, for example don't assign a new IP when a new IP
is entered, wait until the user wants to apply it.
Revert should revert all changes done since opening the Application (not
since last applying)!
Apply should save & apply all changes (change the IP for example)
Save should save & apply the changes, and close the application (Is this
correct?)

Perhaps the preferences app should load different BViews from add-ons,
display them in a Tab view, and tell them using messages to
B_REVERT, B_SAVEANDAPPLY their configuration to the text files.
The app should also be able to do the profile management.

I think that the Boneyard config app was really strange and had
an inconsistent interface, it should be more intuitive.

regards
Marcus
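
The ARP rule suggested in the post above, as an added example in C (not part of the original message and not OpenBeOS code): a reply is accepted only if a request for that address is outstanding and was sent within a short window. The 1000 ms window, the table size and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define ARP_REPLY_WINDOW_MS 1000u /* assumed; the post only says "a short period" */
#define ARP_SLOTS 8               /* assumed table size */

/* sent_ms: when our last request for ip went out; awaiting: a reply is expected */
struct arp_slot { uint32_t ip; uint8_t mac[6]; uint64_t sent_ms;
                  int used, awaiting, resolved; };
static struct arp_slot table[ARP_SLOTS];

/* Find the slot for ip; with create != 0, claim a free one if none exists. */
static struct arp_slot *find_slot(uint32_t ip, int create)
{
    struct arp_slot *spare = NULL;
    for (int i = 0; i < ARP_SLOTS; i++) {
        if (table[i].used && table[i].ip == ip) return &table[i];
        if (!table[i].used && !spare) spare = &table[i];
    }
    if (!create || !spare) return NULL;
    memset(spare, 0, sizeof *spare);
    spare->ip = ip; spare->used = 1;
    return spare;
}

/* Call when a request for ip is sent. Returns 1 if tracked, 0 if the table is full. */
int arp_note_request(uint32_t ip, uint64_t now_ms)
{
    struct arp_slot *s = find_slot(ip, 1);
    if (!s) return 0;
    s->sent_ms = now_ms; s->awaiting = 1;
    return 1;
}

/* Returns 1 if the reply updated the table, 0 if it was dropped. */
int arp_handle_reply(uint32_t sender_ip, const uint8_t mac[6], uint64_t now_ms)
{
    struct arp_slot *s = find_slot(sender_ip, 0);
    if (!s || !s->awaiting) return 0;  /* unsolicited: nobody asked */
    s->awaiting = 0;                   /* one request admits one reply */
    if (now_ms - s->sent_ms > ARP_REPLY_WINDOW_MS) return 0; /* too late */
    memcpy(s->mac, mac, 6); s->resolved = 1;
    return 1;
}

/* Returns the accepted MAC for ip, or NULL if none has been accepted. */
const uint8_t *arp_lookup(uint32_t ip)
{
    struct arp_slot *s = find_slot(ip, 0);
    return (s && s->resolved) ? s->mac : NULL;
}
```

The caller supplies a monotonic millisecond clock as `now_ms`. The rule only filters unsolicited and late replies; it does not authenticate a reply that arrives inside the window.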