Firewall Wizards mailing list archives
Network cables as security devices
From: "Bruce K. Marshall" <bkmarsh () feist com>
Date: Wed, 19 Aug 1998 16:16:27 -0500
I'm not sure that it has been mentioned on this list, but on several occasions I have followed discussions where secure logging systems, IDS, services, etc. needed additional security. One piece of advice often appears to be cutting the "transmit" wires in the network cable. At first glance it sounds logical and like a decent idea, especially if your system doesn't need to respond to the data that is being sent to it. However, upon actually trying this I met with utter failure. When dealing with normal twisted pair Ethernet cable you can usually refer to EIA/TIA 568B as the wiring guide. This standard states that you utilize pairs 2 & 3 (the orange and green pairs) with pair 2 using RJ45 plug pins 1&2 and pair 3 using RJ45 plug pins 3&6. Here is a rough ASCII diagram (which probably won't show up correctly for half of you): 1 2 3 4 5 6 7 8 [ | | | | | | | | ] | T R T R T R T R | | | ------___------ The "T"'s and "R"'s represent tip and ring -- or transmit and receive -- on the cable, so you could assume that by disconnecting pins 1 and 3 you would only eliminate any unwanted transmissions by your system. In practice, this terminates all network traffic and not just transmissions. Disconnecting any one of the four wires results in no connection at all to the machine. I assume that this is because of the link integrity check used for Ethernet connections. But my real question is whether anyone has actually been able to get around this requirement. As a by-product of this exercise I believe I managed to create the cheapest hardware based firewall in the industry. For approximately $8 US I purchased a toggle switch, two RJ45 jacks and a small project box that allows you to turn on and off the network connection to a device of segment. Anyone who can't afford such luxuries will have to keep plugging and unplugging cables. :) Thanks for the feedback. -- Bruce K. Marshall, CISSP - bkmarsh () feist com - Feist Communications 2424 S. St. Francis - Wichita, KS 67216 - 316-264-2248
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Network cables as security devices Bruce K. Marshall (Aug 23)
- Re: Network cables as security devices Michael Shields (Aug 24)
- Re: Network cables as security devices Damir Rajnovic (Aug 24)
- RE: Network cables as security devices Andrew J. Luca (Aug 24)
- Re: Network cables as security devices Dominique Brezinski (Aug 27)
- RE: Network cables as security devices KirkAdams (Aug 30)
- <Possible follow-ups>
- Re: Network cables as security devices Steven M. Bellovin (Aug 24)
- Re: Network cables as security devices (NetQuest) Borkin, Michael (Aug 24)