RE: Fiber optic vampire taps

["James Lee Gromoll" <jgromoll () hotmail com>]

Hi All,

I am not so sure you need to break the sheath. It is very easy to 
demonstrate light emitting from a fiber optic zip cord with a laser source. 
A simple hard bend and a high end detector might do the trick; However, if 
you really are concerned the best way to figure out if you are tapped in 
some manner is to shoot your fiber plant with an OTDR. A hard bend in the 
line or even an really good splice shows up as what is called a reflective 
event on the OTDR. Unless your cable is broken you should see a fairly 
linear dropoff on the OTDR until the termination of the line at the other 
building. If you have a bend you will see a small spike followed by a 
noticible drop in the signal strength. If someone has on the other hand put 
in a laser pump I am not certain, but I suspect you will see a sharp rise in 
signal strength. You can measure the distance on the trace and if it is less 
than the distance between your building entrance points well, "Houston we 
have a problem."

On another note. Your installers should have been able to tell you this 
also. For the real experts on Fiber get in contact with the Light Brigade. 
These guys are the avowed experts in fiber installation, and what you are 
talking about relates strongly to installation. As for whether or not it can 
be tapped, there is a way to sample the light, so someone with the will 
could do it.






> From: ktyler () nautilus-ins com
> To: "Hornat, Charles" <Charles_Hornat () standardandpoors com>
> CC: security-basics () securityfocus com
> Subject: RE: Fiber optic vampire taps
> Date: Tue, 24 Dec 2002 12:23:03 -0700
>
>
>
>    In fact, a $1,200 "clip" can be used to tap into fiber-optics to steal 
> or inject data into a
>    system, Cohen said
>
>
>    Don't believe everything you read. I highly doubt that you can buy or 
> even make a device that
>    simply "clips" on to a fiber cable to tap data.
>
>
>    Keith
>
>
>
>
>
>
>
>
>
>                       "Hornat, Charles"
>                       <Charles_Hornat@standardan        To:       
> <security-basics () securityfocus com>
>                       dpoors.com>                       cc:
>                                                         Subject:  RE: 
> Fiber optic vampire taps
>                       12/24/2002 07:05 AM
>
>
>
>
>
>
> This is not true.  The US Navy did this to the Russians a few years
> back.
>
> http://www.bizjournals.com/philadelphia/stories/2002/07/29/newscolumn2.h
> tml
>
> I don't recall what this method was called back then though, it wasn't
> "clips".
>
> Charles
>
>
>
> -----Original Message-----
> From: Alvey Robert W KPWA [mailto:AlveyRW () kpt nuwc navy mil]
> Sent: Monday, December 23, 2002 5:48 PM
> To: 'nick () systemsecuritysolutions com';
> security-basics () securityfocus com
> Subject: RE: Fiber optic vampire taps
>
> In order to tap into a fiber line you have to break the sheath.  The
> signal
> is entirely optic, if you don't break the sheath you can't even see the
> signal.  However, even if someone does decide to break into it then
> they've
> got another problem, exactly how to do it, it's extremely difficult
> because
> any sort of tapping into the signal seriously degrades the link, that's
> if
> it doesn't go down entirely, and it would be immediately noticeable if
> someone was tapping into your fiber line.
>
> -----Original Message-----
> From: Nick Iglehart [mailto:nick () systemsecuritysolutions com]
> Sent: Friday, December 20, 2002 3:41 PM
> To: security-basics () securityfocus com
> Subject: Fiber optic vampire taps
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I have a client who has a fiber optic line between two buildings.
> There is no physical security and so they are concerned about someone
> tapping into the fiber line and capturing data.
>
> I read something a while back about tapping fiber optic lines without
> breaking the sheathing and now I can't seem to find anything but vague
> references to it.  I have googled for hours and checked the sf archives
> with
> no luck.  Anyone have any references to this?  Any help is appreciated.
>
> Nick
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBPgOqcKq/UK5/FuEgEQJrawCgqX64DN0KqFv4h373stMEcU70vB8AoMZ3
> 9YU6ysv+TwubV0jkbfAJ3K5n
> =LoN2
> -----END PGP SIGNATURE-----
>
>
>
> --------------------------------------------------------
>
>
> The information contained in this message is intended only for the
> recipient, and may be a confidential attorney-client communication or may
> otherwise be privileged and confidential and protected from disclosure. If
> the reader of this message is not the intended recipient, or an employee or
> agent responsible for delivering this message to the intended recipient,
> please be aware that any dissemination or copying of this communication is
> strictly prohibited. If you have received this communication in error,
> please immediately notify us by replying to the message and deleting it
> from your computer.
>
> Thank you,
>
> Standard & Poor's
>
> --------------------------------------------------------


_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail&xAPID=42&PS=47575&PI=7324&DI=7474&SU= 
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_addphotos_3mf