Firewall Wizards mailing list archives
Re: Re: AirGap's... one way protection
From: Frederick M Avolio <fred () avolio com>
Date: Thu, 19 Oct 2000 14:46:17 -0400
At 05:50 PM 10/18/00 -0500, Joe Nall wrote:
You don't need a firewall at all for this, just a one way serial connection and a little bit of software. The problem with the one way approach is that the box doing the pushing doesn't know if the data ever got to the destination. As soon as you add an acknowledgment from the destination, you have a signaling channel back across the interface.
In order to have a confirmed transaction, you need a response. But what in the world do you mean here? All signaling channels are equally exploitable? Surely you're not suggesting that.
Variants of this have been used for decades ... They are not popular because they (like the aforementioned e-Gap capability) have _very_ limited utility in the real world.
They are incredibly popular in the places that need them.
FWIW, I don't buy into the e-Gap marketing at all.
Well... yes, we see that. :-) f _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: AirGap's... one way protection Jon Squire (Oct 18)
- Re: Re: AirGap's... one way protection Joe Nall (Oct 19)
- Re: Re: AirGap's... one way protection Frederick M Avolio (Oct 19)
- Re: Re: AirGap's... one way protection Joe Nall (Oct 19)
- Re: Re: AirGap's... one way protection Frederick M Avolio (Oct 20)
- Re: Re: AirGap's... one way protection Joe Nall (Oct 20)
- Re: Re: AirGap's... one way protection Frederick M Avolio (Oct 23)
- Re: Re: AirGap's... one way protection Frederick M Avolio (Oct 19)
- Re: Re: AirGap's... one way protection Joe Nall (Oct 19)
- <Possible follow-ups>
- RE: Re: AirGap's... one way protection Harris, Tim (Oct 19)
- RE: Re: AirGap's... one way protection Frederick M Avolio (Oct 23)
- RE: Re: AirGap's... one way protection Harris, Tim (Oct 23)