It's generally accepted that TCP/IP was not designed with security in the forefront. However, considering the increasing amounts of commerce occuring on the Internet, it's ostrich-like to assume current secure networking methods will scale well or eventually become ubiquitous.
I suppose IPsec will help. But without pre-registering end-to-end security, is there a way that a client or server can expect it?
The typical vulnerabilities seem to reside in a few key areas:
- Proxy-based (man in the middle)
- Denial of Service (distributed or otherwise)
- Phishing (impersonation)
- Injection leading to loss of control (trojans, worms, poison packets and pages, botnets, etc.)
Thoughts?
