> This seems very crude. Supposing I simply stick my laptop on the lan and
> use ports allocated to another user ?
If I understood your question well, this is also possible for any normal
host based firewall. You can give any IP to your laptop and enjoy that
hosts privileges. Also, I have designed to include authentication and
hence the mention of local auth module in my posting.
> There is no security in port information unless you are doing filtering
> and verification at the boundary points too. In that case the boundary
> points can generate IP-AH frames with MD5 signatures based on authentication
> data provided.
Can you please elaborate this point. This will be really very useful.
I will appreciate it.
Regards,
Yusuf
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu