Laura is, more or less (historically and technically), correct here.
Security was not the 'point' of Novell using IPX as their protocol of choice
in NetWare. You can still use it if you have a need to in 5.x (it hasn't
gone away, believe me, but 'pure' IP was not possible in NetWare until 5.0.
Before 5.0 you had to configure NetWare/IP for client/server communications
(IPX encapsulation via IP) or IPTUNNEL for IPX encapsulated communication
between servers (not clients) over an IP network. IPX was actually based on
IDP (Internet Datagram Protocol) which is a part of the XNS model. One of
the main reasons, or should I say 'selling points', that Novell developed it
was that it was a routable protocol that was very easy to
configure/administer (or almost self-configuring if you compare it to IP).
All one had to do, in a nutshell, was assign a unique network number to an
interface and the protocol stack did the rest by appending the MAC address
to the network number for each client/server, which made it unique (no
problems with subnetting or running out of host ID's as with IP). There
were other reasons as well, such as advertisement of server services via SAP
etc... Many people do still use it today (even on Windows NT/2000 networks)
for security reasons (i.e. using TCP/IP to a public IIS webserver and then
use IPX/SPX from the webserver to their database server. No NetWare server
is needed to do any of this.) This is still an effective technique (no
encapsulation is needed for this, by the way.). It wasn't an attempt at
'security through obscurity' as Novell didn't try to hide the workings of
the protocol.
Anthony
----- Original Message -----
From: "laura isko" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Friday, September 14, 2001 2:17 PM
Subject: Re: IPX question
> i believe you're very wrong.
>
> IPX is based on Xerox's XNS protocol. it is a client/server protocol and
> was developed in the 1970s. Novell adopted it in the 1980s for use with
> Netware.
>
> TCP/IP was used by DOD for ARPANET and thus became the protocol of the
> internet.
>
> Later versions of IPX allowed for IP encapsulation, but I don't think
> Novell turned pure IP until version 5. versions 4.x were IPX that could
> be encapsulated with IP if necessary.
>
> Certainly there are security advantages as you describe, but I don't think
> "it was the point".
>
> - who feels old now, jeez :(
>
> laura
>
> Devdas Bhagat wrote:
>
> > On Tue, 11 Sep 2001, sari sari spewed into the ether:
> > > I'm just a student, so this is probably a dumb question.
> > > In a lecture, it was mentioned that ipx was the "older way" oppose
> > > to ... maybe vpn... i don't remember, but I was wondering what ipx is
> > > and the benifits of using it over newer options? I remember people on
> > > this list talking about something with ipx and am curious about
> > > it...
> > Hmmm, that makes me feel old ;)
> > IPX was what Novell boxen used to talk to each other, before the Net
> > hit Novell and forced them to switch to TCP/IP.
> > The point of using IPX was merely to use another protocol in the
> > middle, so that if any attacks werre possible against TCP/IP, the
> > attacker would not have the capability to decode the IPX packets and
> > thus would be foiled. This was an early attempt at security through
> > obscurity, and it may have been moderately successful (Not everyone
> > could afford a Netware machine, while IP stacks were relatively more
> > common and IPX stacks were not).
> > The method used was to send the entire IP packet encapsulated in an IPX
> > packet., so that the attacker would have to decode the IPX pasket
> > followed by getting data out of the IP packet.
> > There were some benefits earlier, but no longer.
> >
> > Hope this helps.
> >
> > Devdas Bhagat
> > --
> > Don't compare floating point numbers solely for equality.
>
