From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: To: 9fans@cse.psu.edu From: Gorka Guardiola Múzquiz MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: [9fans] plan9 security... Date: Fri, 13 Feb 2004 15:04:29 +0100 Topicbox-Message-UUID: e22b7aac-eacc-11e9-9e20-41e7f4b1d025 I was with some friend commenting on security in plan 9 and we found some breach in security, at least the way it is used here. I don't know if this is a problem of the (awful) topology of our net or a real breach. Here we have a fileserver which serves the kernel for the terminals on dhcp. Terminals boot diskless. The problem here is that all the net taps in the University can form part of our subnet. VPNs are generated dinamically looking at the addresses which come from all the taps. The thing is that someone can do a DoS attack on the fileserver, answer for it the dhcp request (it can be done from any place on the University), and serve a tame kernel just to get the passwords of the users. We are studying the idea of signing somehow the kernel with a net/host secret and adding support for it on 9load to stop this happening. Another solution would be to implement DHCP authentication, but it may be much more complicated. Would this be useful for any other person on the list?. Do you think it is a good solution?. Ideas?. Suggestions?. Gorka.