Does RFC 2684 resolve the ATMARP issue of host impersonation described in RFC 2225? . . . In particular, the bridging architecture discussed in RFC 2684 section 7 has the same vulnerabilities as other bridging architectures. Is this referring to the requirement for a receiving ATM interface to look into a bridged PDU and learn; which makes it vulnerable to forged associations between foreign destination and an ATM station. Is this the ATMARP host impersonation issue referenced earlier? ATMARP packets are not authenticated. This is a potentially serious flaw in the overall system by allowing a mechanism by which corrupt information may be introduced into the server system. Are there other security issues with ATM on a firewall? Thanks Enno, I missed that. > RE: ATM PVC as security barrier - ARMARP issue > From: "Enno Rey" <erey@security-academy.de> > Date: Sun, 10 Jun 2001 16:39:50 +0200 > > Hi, > > wasn't RFC 1483 outdated by RFC 2684? > > Regards, > > Enno > > -----Original Message----- > From: firewalls-owner@Lists.GNAC.NET > [mailto:firewalls-owner@Lists.GNAC.NET]On Behalf Of Abdulkareem Kusai > Sent: Sonntag, 10. Juni 2001 15:12 > To: firewalls@Lists.GNAC.NET > Subject: ATM PVC as security barrier - ARMARP issue > > Does RFC-1483 resolve the ATMARP issue of host impersonation described in RFC >2225? Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com - [To unsubscribe, send mail to majordomo@lists.gnac.net with "unsubscribe firewalls" in the body of the message.]