Xref: utzoo comp.dcom.lans:2053 comp.protocols.tcp-ip:5620
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!killer!mit-eddie!bu-cs!kwe
From: kwe@bu-cs.BU.EDU (kwe@bu-it.bu.edu (Kent W. England))
Newsgroups: comp.dcom.lans,comp.protocols.tcp-ip
Subject: Network Security
Keywords: network security virus
Message-ID: <26314@bu-cs.BU.EDU>
Date: 29 Nov 88 22:46:26 GMT
Organization: Boston Univ. Information Tech. Dept.
Lines: 27


	I have been thinking about the role of the internet in the
recent virus/worm attack.  I have come (as have others, I am not
claiming originality here) to these conclusions:

	The network was instrumentally involved in the worm/virus
propagation. 
	The network was instrumental in the fight against the virus,
for the exchange of mail and code.
	Networks are secure when they operate properly.
	In order to have secure networks, we need network routing
information exchange and network management protocols that are
authenticated, robust, and secure against spoofing and malicious
disruption.

	The ospfigp protocol is the best place to start to build
robust, secure internetwork routing exchange protocols before we get
bitten by a network bug.
	We need some *serious* authentication capability in SNMP.

	Discussion?  Is ospfigp secure enough now?  What about real
authentication in SNMP?  What have I left out (eg, arp cache
security)? 
	I leave security on a broadcast medium like Ethernet as a
separate discussion topic (eg, snooping for passwords).

	Kent England, Boston University