Tech Insider					   Technology and Trends

			   USENET Archives

Path: utzoo!attcan!uunet!husc6!bloom-beacon!mit-eddie!rutgers!att!
From: d...@alice.UUCP
Newsgroups: comp.protocols.tcp-ip,comp.unix.wizards,news.sysadmin
Subject: Morris Tech Report
Message-ID: <8419@alice.UUCP>
Date: 12 Nov 88 07:10:32 GMT
Organization: AT&T Bell Laboratories, Murray Hill NJ
Lines: 31

Those interested in earlier works of Robert T. Morris,
or interested in network security in general, might wish
to read AT&T Bell Laboratories CSTR #117, "A Weakness in the
4.2BSD Unix TCP/IP Software," by Robert T. Morris,
dated Feb. 25, 1985.  An abstract of the abstract:

	... [E]ach 4.2BSD system "trusts" some other set of other
	systems, allowing users logged into trusted systems to
	execute commands via a TCP/IP network without supplying
	a password.  These notes describe how the design of TCP/IP
	and 4.2BSD implementation allow users on untrusted and
	possibly very distant hosts to masquerade as users on
	trusted hosts.  Bell Labs has a growing TCP/IP network
	connecting machines with varying security needs;
	perhaps steps should be taken to reduce their vulnerability
	to each other.

This technical report, as well as others, may be ordered by writing to

	Ellen Stark
	Room 2C579
	AT&T Bell Laboratories
	600 Mountain Ave.
	Murray Hill,
	NJ 07974

These reports are free of charge.

			Dennis Ritchie

			   USENET Archives

The materials and information included in this website may only be used
for purposes such as criticism, review, private study, scholarship, or 

Electronic mail:			      WorldWideWeb: