Firewall Wizards mailing list archives
RE: Network cables as security devices
From: "KirkAdams" <Kirk-Adams () email msn com>
Date: Sat, 29 Aug 1998 23:39:31 -0400
Network packets usually require a fair amount of handshaking, thus making it difficult to terminate the receive side of a connection. But, there is the possibility of using 2 serial ports to exchange information with the "isolated" machine mentioned below. Just terminate the receive line on one port and the transmit line on the other port. This forces communications to go through WHATEVER handling script you choose to activate to monitor the ports. If the two machines are physically co-located the line speeds can be sufficient for all uses except large file transfers, and maybe even then.

This configuration has been used on "secured" computing systems I've worked on in the past. E-Mail for more details.

Kirk Adams
BitStream Communications
KAdams () BitStream org

-----Original Message-----
From: owner-firewall-wizards () nfr net [mailto:owner-firewall-wizards () nfr net] On Behalf Of Dominique Brezinski
Sent: Thursday, August 27, 1998 12:38 PM
To: Bruce K. Marshall; firewall-wizards () nfr net
Subject: Re: Network cables as security devices

This is not an answer to the original question, but rather a different approach to the same problem (though more expensive).

Another approach is to build a second logging network. All machines that need to be logged get a second Ethernet interface. Give the logging machine and all the second interfaces reserved addresses (10. or 192.168 etc.) and hook them up to a hub. Make sure the machines generating the audit data are not routing to the logging network, and harden the logging machine to the point where the only port listening is the logging service (syslog or whatever).

*snip* *snip*

At 04:16 PM 8/19/98 -0500, Bruce K. Marshall wrote:
I'm not sure that it has been mentioned on this list, but on several occasions I have followed discussions where secure logging systems, IDS, services, etc. needed additional security. One piece of advice often appears to be cutting the "transmit" wires in the network cable.
Dominique Brezinski CISSP (612)628-5378 Secure Computing http://www.securecomputing.com
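
Added example, not part of the original posts and not anyone's production code: a sketch of a "handling script" for the receive-only serial port described above. Because the one-way line cannot carry acknowledgements or resend requests, the receiver has to detect damaged and missing records itself. The frame layout (seq|payload|crc32), the function names and the 1024-byte cap are assumptions made for this illustration; the bytes would come from the serial port in practice, here they are a constructed sample.

```python
import zlib

MAX_LINE = 1024  # assumed cap on one frame; longer input is dropped

def make_frame(seq, payload):
    """Sender side: build 'seq|payload|crc32hex' plus newline."""
    body = f"{seq}|{payload}".encode("ascii")
    return body + b"|" + f"{zlib.crc32(body):08x}".encode("ascii") + b"\n"

def parse_frame(line):
    """Validate one received line; return (seq, payload) or raise ValueError."""
    if len(line) > MAX_LINE:
        raise ValueError("oversized")
    if any(b < 0x20 or b > 0x7E for b in line):
        raise ValueError("non-printable byte")
    body, sep, crc = line.rpartition(b"|")
    if not sep or f"{zlib.crc32(body):08x}".encode("ascii") != crc:
        raise ValueError("bad crc")
    seq, sep, payload = body.partition(b"|")
    if not sep or not seq.isdigit():
        raise ValueError("malformed")
    return int(seq), payload.decode("ascii")

def receive(stream):
    """Handle bytes read from the receive-only port; no resend is possible."""
    accepted, alerts, expected = [], [], None
    for line in filter(None, stream.split(b"\n")):
        try:
            seq, payload = parse_frame(line)
        except ValueError as err:
            alerts.append(f"dropped frame: {err}")
            continue
        if expected is not None and seq != expected:
            alerts.append(f"gap: expected {expected}, got {seq}")
        expected = seq + 1
        accepted.append((seq, payload))
    return accepted, alerts

# Constructed sample: frame 3 is altered in transit, frame 4 never arrives.
SAMPLE = (
    make_frame(1, "sshd: accepted login user=alice")
    + make_frame(2, "su: session opened for root")
    + make_frame(3, "sshd: failed login user=bob").replace(b"bob", b"b0b")
    + make_frame(5, "sshd: accepted login user=carol")
)

if __name__ == "__main__":
    print(*receive(SAMPLE), sep="\n")
```

A CRC only catches line noise and truncation; it does not authenticate the sender, so the gap and drop alerts are integrity signals for the link, not proof of who wrote a record.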