Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs

[Peter Gamache <peter () LUNO ORG>]

"van der Kooij, Hugo" wrote:

> On Tue, 24 Oct 2000, Talisker wrote:
>
> > "OC-# - OC-1,2-48 etc.. Any fiber optic medium is going to require you to
> > split the fiber itself at some point and redirect the signal into a third
> > party tap. From there you will once again have to reconstruct the data
> > stream from the multiplexed/frame encapsulated data within.. this applies to
> > almost any type of carrier."
>
> I just saw some mentioning of using quantum level signaling to prevent
> taps. As at this level you can't inspect a signal without altering it. So
> a good CRC check would notice tampering with the transmission.

I've only had one client who cared about fiberoptic security (it's outside the
reach of most folks these days, and they didn't understand that their competitors
aren't 14-year-olds with 486's) - and I advised them of a very simple tactic: Put
the fiber within a metal pipe, then fill the pipe with air, under pressure.  Once
the pressure is applied and the pipe sealed, a pressure sensor at either end can
easily tell you of a physical security breach.  I thought of this after the
installation, but an even better idea (to prevent rust within the pipe) is to
pressurise the pipe with pure nitrogen gas instead of air.

Can anyone see a way to get past the nitrogen/pressure sensor defense?

- Peter