Firewall Wizards mailing list archives

RE: Network cables as security devices


From: "KirkAdams" <Kirk-Adams () email msn com>
Date: Sat, 29 Aug 1998 23:39:31 -0400

Network packets usually require a fair amount of handshaking, thus making
them difficult to terminate the receive side of the connection.

But, there is the possibility of using 2 serial ports to exchange
information with the "isolated" machine mentioned below. Just terminate the
receive line on one port and the transmit line on the other port. This
forces communications to go through WHATEVER handling script you choose to
activate to monitor the ports.

If the two machines are physically co-located the line speeds can be
sufficient for all uses except large file transfers, and maybe even then.

This configuration has been used on "secured" computing systems I've worked
on in the past.
E-Mail for more details.

Kirk Adams
BitStream Communications
KAdams () BitStream org

-----Original Message-----
From: owner-firewall-wizards () nfr net
[mailto:owner-firewall-wizards () nfr net]On Behalf Of Dominique Brezinski
Sent: Thursday, August 27, 1998 12:38 PM
To: Bruce K. Marshall; firewall-wizards () nfr net
Subject: Re: Network cables as security devices


This is not an answer to the original question, but rather a different
approach to the same problem (though more expensive). Another approach is
to build a second logging network. All machines that need to be logged get
a second Ethernet interface. Give the logging machine and all the second
interfaces reserved addresses (10. or 192.168 etc.) and hook them up to a
hub. Make sure the machines generating the audit data are not routing to
the logging network, and harden the logging machine to the point where the only
port listening is the logging service (syslog or whatever).
*snip* *snip*
At 04:16 PM 8/19/98 -0500, Bruce K. Marshall wrote:
I'm not sure that it has been mentioned on this list, but on several
occasions I have followed discussions where secure logging systems, IDS,
services, etc. needed additional security.  One piece of advice often
appears to be cutting the "transmit" wires in the network cable.


Dominique Brezinski CISSP                   (612)628-5378
Secure Computing        http://www.securecomputing.com
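
Added example, not part of the original messages: a sketch of the kind of handling script Kirk Adams's two-serial-port arrangement would put on the receive-only line. The frame layout (start byte, length, CRC32), the size limit and all function names are assumptions made for illustration; the sample records are constructed.

```python
import struct
import zlib

SOF = 0x7E           # assumed start-of-frame marker, not from the post
MAX_PAYLOAD = 1024   # assumed cap: oversized frames are refused, never buffered

def encode_frame(payload: bytes) -> bytes:
    """Transmit-only side: SOF | length (2 bytes, big-endian) | payload | CRC32."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload too large")
    body = struct.pack(">H", len(payload)) + payload
    return bytes([SOF]) + body + struct.pack(">I", zlib.crc32(body))

def try_frame(data: bytes, i: int):
    """Return (payload, next_index) if a valid frame starts at i, else None."""
    if data[i] != SOF or i + 3 > len(data):
        return None
    (length,) = struct.unpack_from(">H", data, i + 1)
    end = i + 3 + length + 4
    if length > MAX_PAYLOAD or end > len(data):
        return None
    body = data[i + 1:end - 4]
    (crc,) = struct.unpack_from(">I", data, end - 4)
    if zlib.crc32(body) != crc:
        return None
    return body[2:], end

def decode_stream(data: bytes):
    """Receive-only side: return (accepted payloads, bytes discarded).

    With the transmit line terminated there is no way to request a resend,
    so anything that fails a check is dropped and the parser resynchronises
    on the next start byte instead of trusting a bad length field.
    """
    accepted, discarded, i = [], 0, 0
    while i < len(data):
        frame = try_frame(data, i)
        if frame is None:
            i, discarded = i + 1, discarded + 1
        else:
            accepted.append(frame[0])
            i = frame[1]
    return accepted, discarded

if __name__ == "__main__":
    # Constructed sample: line noise, one good record, one record damaged in transit.
    damaged = bytearray(encode_frame(b"su: FAILED root"))
    damaged[5] ^= 0x01
    stream = b"\x00\x01" + encode_frame(b"auth: login ok") + bytes(damaged)
    print(decode_stream(stream))
```

The discarded-byte count is worth logging on the receiving machine, since on a one-way link it is the only evidence that records were lost or tampered with in transit.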



