A dynamic network architecture
ACM Transactions on Computer Systems (TOCS)
A language-based approach to protocol implementation
IEEE/ACM Transactions on Networking (TON)
Firewalls and Internet security: repelling the wily hacker
Firewalls and Internet security: repelling the wily hacker
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Design and implementation of modular key management protocol and IP secure tunnel on AIX
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
REX: secure, extensible remote execution
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Hi-index | 0.00 |
This paper describes our experiences building a secure rlogin environment. With minimal changes to the rlogin server and the use of a secure network layer protocol, we remove the vulnerability of hostname-based authentication and IP source address spoofing. We investigate how applications such as rlogin interact with this new layer, and propose extensions to the rlogin server that can utilize these services. We believe rlogin presents a situation where the application layer seems the most appropriate location for enforcing security policy, instead of in a lower layer. Our layered approach to rlogin security achieves functionality similar to the Kerberos klogin client and the encrypted telnet packages, without their complexity or loss of generality. Implementing the application layer rlogin server extensions required fewer than ninety lines of code. Even if our rlogin application layer extensions are omitted, rlogin connections still benefit from secure network layer services.