New ZeroConf Spec
Patrick McFarland
diablod3 at gmail.com
Sat Jul 22 23:54:35 BST 2006
On Saturday 22 July 2006 18:41, Dan Kegel wrote:
> On 7/22/06, Andrew Jorgensen <andrew.jorgensen at gmail.com> wrote:
> > > And how about the suggestion in
> > > http://www.watersprings.org/pub/id/draft-williams-zeroconf-security-00.
> > >txt that IPSec would help?
> > > http://www.securityfocus.com/infocus/1859 describes how to turn IPsec
> > > on between two OpenBSD machines, and it doesn't sound too bad.
> > > Could we set up Avahi to ignore any incoming packets that were not
> > > protected by IPSec, but let every other service use plain old non-IPSec
> > > packets? That might be easier than cobbling up an authentication method
> > > just for Zeroconf.
> >
> > Probably not without a firewall to do that filtering for you... and
> > setting up IPSec.
>
> Yes. And I'm saying that's the kind of thing we'd have
> to do (automatically, behind the scenes) to make it
> safe to deploy Avahi.
> - Dan
Wait, Ubuntu can automatically do IPsec? How?
--
Patrick McFarland || www.AdTerrasPerAspera.com
"Computer games don't affect kids; I mean if Pac-Man affected us as kids,
we'd all be running around in darkened rooms, munching magic pills and
listening to repetitive electronic music." -- Kristian Wilson, Nintendo,
Inc, 1989
More information about the ubuntu-devel
mailing list