[PLUG] Thin Client Security
Cooper Stevenson
cooper at linux-enterprise.net
Tue Dec 10 18:27:29 UTC 2002
All,
When discussing the K12LTSP project yesterday and it's benefits, I was
asked about the server side security.
Specifically, is there a mechanism in place to prevent an attacker from
putting a ``fake'' server on the subnet that the clients look for?
In other words, let's say that a thin client sends a Bootp broadcast on
the network. What's to stop a hacker from plugging in a false server and
intercepting client requests?
Of course the attacker would have had to have compromised a `real'
server to gain login information, etc. to make this work and it would
likely be discovered very quickly, but still...
-Cooper
More information about the PLUG
mailing list