Such a system does not provide adequate protection from replay attacks where the attacker was able to get the id and password for the remote user. 5.1. Protection against passive attacks is a necessary absence, at least, not disclosing password system means providing unrestricted access to anyone who has physical access to the network. For example, anyone who has access to cable Ethernet5.2. Detectors Detectors used increasingly. In these systems, a user first authenticates to a particular network object, such as a computer 'firewall', using the system do not share passwords. User then uses a second system to authenticate to each computer or group of computers, where he would like to gain access to certain services. In defense of the perimeter, there are several drawbacks, for this reason that this system should be regarded as a temporary solution.
Gateway is not transparent to the IP-level and for this reason that work with each kind of service should be done independently. Using two-factor authentication is feasible or difficult impossible to link a computer-computer. Peer to peer protocol, which are common to the Internet without establishing mechanisms for communication, easily vulnerable. Detectors must be solid and complete, as in the case of her breakthrough internal protection is weak and easily avoidable. Frequent form of perimeter protection is to transfer applications. Since these programs are protocol-dependent, IP-connectivity of computers within the perimeter of the outside world is broken and part of the benefits of the Internet is lost. Administrative advantage of perimeter defense is that the number of computers that can be subjected to attack, is sufficiently small.