North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Static IP addresses for Dial-up
At 05:18 PM 1/29/96 +0100, Piet Beertema wrote: > I can certainly understand the need for access control & security, > but with the use of a smart-card one-time password system, this is > a moot point. >Huh? How are you going to stop a system from "illegally" >(in the sense of the provider, contracts, or whatever) >acting as -say- www, ftp, or whatever server with such >a one-time password system? You'll need access control >*based on IP addresses* to reach that goal! > > No, no, no. The concept of access-filtering based on source address is easily spoofed, where the OTP password systems that I'm referring to are based on a concept of authentication-based access, which is much more reliable than a [possibly fake] source address. This is not a new concept. - paul
|