Firewall Wizards mailing list archives
Re: Air gap technologies
From: Aleph One <aleph1 () underground org>
Date: Mon, 22 Jan 2001 15:28:46 -0800
On Thu, Jan 18, 2001 at 01:19:40PM -0500, Frederick M Avolio wrote:
As I said ages ago when this came up before... I have reviewed the technology. I like it. I am not a vendor. I call it an Air Gap. So, I disagree with your analysis that it is a distortion of the truth. It is not sneaker-net. I have no problem calling it an air gap. (I do have a problem with one of their competitors, who has no hardware disconnect as far as I can tell and just has software acting as the gap... That one *is* a proxy firewall as far as I can tell from their lit.
Thats ridiculous. Whether or not there is an actual physical air gap is not important. Both products could perform the exact same functions whether they use some fancy SCSI switch or a serial cable. If the software at the end of the serial cable is not listening to requests its no less secure than an "air gap". The inverse is also true, if the system with an "air gap" is always "on" and handling requests its no more secure than the system with a serial cable. Thus I would argue that the system with the "air gap" is mor suspect as its obvious the "air gap" was added as a markteting gimmick and not as something that would improve the security of the system. This also shows why calling these system an "air gap" is wrong. They are functionally identical to systems implemented without an "air gap". A better name would be something along the lines of a "dual-host proxies" or a "peephole proxies". -- Aleph One / aleph1 () underground org http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Air gap technologies, (continued)
- RE: Air gap technologies Robert Graham (Jan 22)
- What is a proxy? Robert Graham (Jan 24)
- RE: What is a proxy? Andreas Haug (Jan 25)
- Re: What is a proxy? Gary Flynn (Jan 25)
- Re: Air gap technologies Crispin Cowan (Jan 24)
- Message not available
- Re: What is a proxy? Marcus J. Ranum (Jan 25)
- Message not available
- pcanywhere encryption hermit1 (Jan 26)
- Re: pcanywhere encryption Crist Clark (Jan 29)
- Re: pcanywhere encryption Randy Witlicki (Jan 29)
- Re: pcanywhere encryption Adam Shostack (Jan 29)
- Re: Air gap technologies Aleph One (Jan 24)
- Re: Air gap technologies Frederick M Avolio (Jan 24)
- Re: Air gap technologies Aleph One (Jan 24)
- Re: Air gap technologies Frederick M Avolio (Jan 24)
- Re: Air gap technologies Crispin Cowan (Jan 24)
- Re: Air gap technologies Frederick M Avolio (Jan 25)
- Re: Air gap technologies Crispin Cowan (Jan 25)
- Re: Air gap technologies Aleph One (Jan 24)