Re: Session Vs Packet Switching

From: Drew (simonis@myself.com)
Date: 06/03/02

• Previous message: Ian P. Christian: "RE: Normalizers, OpenBSD, etc."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 03 Jun 2002 12:05:15 -0400
From: Drew <simonis@myself.com>
To: focus-ids@securityfocus.com

"Gustavo Ossandon S." wrote:
 
> This is an open question
>
> New technologies are implementing session switching over the old
Packet
> switching algorithms
>
> This means just the first packet of a session gonna be
> inspected and all the
> rest of the session will be granted pass .....
>

You speak of multi-layer switching (MLS). Not strictly "new", and not
really related to IDS. Keep in mind that there are several types
of flow masks associated with MLS, and they do support the addition
of security, in the form of standard and extended ACLs on the MSL-RP
(Cisco as a reference point here).

> What security implications this would carry ???
>
> What possibility exist, that some hacker could penetrate under a
session
> already stablished ???
>
 
        (...)

Basically, this is a performance solution, not a security solution.
Can you spoof a packet that would be part of an MLS flow? I dunno.
Would such a spoofed packet be allowed to pass regardles of MLS?
Yes.

>
> Maybe these are relly good questions to discuss :-)
>

Maybe in a different group?

---

• Previous message: Ian P. Christian: "RE: Normalizers, OpenBSD, etc."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Remote desktop hangs on second invocation ... from using fast user switching unless I have to or have nothing going on my ... Sometimes it happens after I log out of the second session. ... When I log onto the office computer using Remote Desktop ... Remote Desktop connection to run at an insanely slow pace). ... (microsoft.public.windowsxp.general) Re: Layer 7 switching. ... Just wondering if anyone can recommend any 'production ready' layer 7 ... switching product on Linux. ... L4/L7 switching, but the L7 stuff does not give me the warm fuzzies. ... For J2EE you'd need to set up session replication, for PHP, just a ... (linux.redhat) Re: Layer 7 switching. ... Just wondering if anyone can recommend any 'production ready' layer 7 ... L4/L7 switching, but the L7 stuff does not give me the warm fuzzies. ... For J2EE you'd need to set up session replication, for PHP, just a ... Bill will have to take Linux from my cold, ... (linux.redhat) RE: newb question: user swithcing in KDE ... want a graphical user switching interface KDE provides an excellent one. ... you have to do is make kdm your default display manager. ... if kdm is not installed use apt-get or synaptic to install it. ... session with "startx --:2", and so on. ... (Debian-User)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)