"Danny Mayer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I didn't design the autokey protocol and have not reviewed it. However
> from what I understand the IP addresses are used as seeds for the
> authentication codes and ensure that it only work between two specific
> endpoints so MIM attacks are virtually impossible.
> Danny
Anyone who thinks you can use IP addresses to protect against MIM
attacks doesn't understand what a MIM attack is. The MIM can certainly spoof
each end's IP address to the other machine.
DS
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions
