[lug] How to implement Authentication on Disparate OS?
Lori Reed
lorireed at lightning-rose.com
Fri Jul 15 08:23:34 MDT 2011
On 07/14/2011 09:57 PM, Davide Del Vento wrote:
> Machine A must have something that the spoofer can't have. E.g. a
> private key with which something is signed and send to Machine, who
> verify it's coming from A using A's public key.
I'm no security wonk, but shouldn't the data itself be encrypted to
defeat packet sniffing, and wouldn't that solve the original problem as
stated?
Lori
> On Thu, Jul 14, 2011 at 20:34,<siegfried at heintze.com> wrote:
>> Can someone suggest what I might google search for to learn how to implement
>> a secure connection between two machines?
>> Machine A is running freebsd and an application written in perl that needs
>> to record a ticket in a database on machine B.
>> Presently, machine A is sending the username and other information thru a
>> perl socket to machine B. Machine B records the information, including the
>> username in a database. If you have the perl source code running on machine
>> A, it is pretty easy to spoof machine B into thinking you are someone else
>> when you submit the ticket.
>> How would I subvert a would be spoofer?
>>
>> What features are available in freebsd or Linux that could make this secure?
>> Let's assume these machines are on the same domain controller.
>> Now what if machine B is a windows machine? (Can linux or freebsd
>> authenticate with a windows domain controller? I think they can.)
>> I think SAMBA supports windows named pipes. Is this a possibility? I don't
>> even know what to google search for.
>> Thanks,
>> Siegfried
>>
>> _______________________________________________
>> Web Page: http://lug.boulder.co.us
>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
More information about the LUG
mailing list