Educause Security Discussion mailing list archives

Re: Risks of File Transfer on a Fully Switched Network


From: David Gillett <gillettdavid () FHDA EDU>
Date: Tue, 29 Nov 2005 13:19:44 -0800

  A working switched network SHOULDN'T expose information like this, but
we've seen equipment leak traffic to other ports (normal clients will
ignore it, but a sniffer can see it...) and then there are techniques
(such as Ettercap, ARP poisoning) to defeat the tiny security that
switching might provide.

  We try to keep sensitive info to a separate VLAN, which only exists in
buildings where there are legitimate clients.  You may also be able --
depending on the OSes involved -- to enable IPSEC between the clients and
servers to cloak the content from prying eyes.

David Gillett




  _____

From: Sadler, Connie [mailto:Connie_Sadler () BROWN EDU]
Sent: Tuesday, November 29, 2005 11:28 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Risks of File Transfer on a Fully Switched Network




I am being told that the risk of transferring sensitive files over our
InTRAnet is so low that we should not require encryption for these internal
file transfers. Transferring over the Internet in the clear is clearly a
problem, but are others willing to share your position on the transmission
of sensitive data in the clear internally (assuming a fully switched
network)??

Thanks...

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
Director, IT Security, Brown University
Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu
Office: 401-863-7266
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
PGP Fingerprint: DA5F ED84 06D7 1635 4BC7 560D 9A07 80BA 91E3 8EFB
