[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "Family Channel" of the Internet?
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 6 Dec 1996, Ken Kirksey wrote:
> 1) Is it technically possible for them to limit access to only approved
> IP addresses? If so, how can they do this, and is it possible to get
> around these measures.
Packet filters can do this. This could be thwarted by using a proxy
located on a trusted host. There are more complicated ways (source routing,
IP spoofing, etc.) but these would require the cooperation of the target host.
Very improbable.
> 3) In general, how would you use crypto to ensure that your users only
> connected to approved sites, regardless of the platform or browser
> software they were using?
Crypto would probably only be used for authentication. A simple password
system would work, but wouldn't be as secure, of course. The ISP could
pass the packets through the appropriate filter rules depending on the user.
I don't know how much overhead would be associated with this technique, but
it seems to be the most secure way to do this.
>
> I asked the guy to send me some technical details. If I receive them,
> I'll share unless he makes me sign an NDA.
>
> Ken
>
Mark
- --
finger -l for PGP key
PGP encrypted mail prefered.
0xf9b22ba5 now revoked
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
iQEVAwUBMqjCVSzIPc7jvyFpAQE7egf+OMTzXyu/zzEg1+KE1v1/LgoyKXFc6QSr
7X5cqhyyX7kDzjUC+g/yklu9AQK1PRpM8SsYTP5uSSEWW/joBjMmUaVPdlnTctgD
Osa8rE2EPL1QkojK3thEaSn5OrxAzmEvTYnhJH53c2WIPFpsGm1Ipi9SHaMGQtgY
xFFR03gRSN1TeiULYzQHWXdovKFWFFNtYNgGTHd1et/TJvr67E30zRjOMIP0fD21
GN6fOPMsbbdtEwQsohrUkdsR+kMcOJDtYvBP/eJm4WCiie8SrEhCBSS7SKmkaWzX
zzc/UOIX3/LY9t5dt52fO4T8vNfoSsc4plc5wIsDkJbdbBwc9RlCsw==
=tFgY
-----END PGP SIGNATURE-----