Firewall Wizards mailing list archives
RE: Frame relay security
From: Rick Smith <rick_smith () securecomputing com>
Date: Wed, 22 Apr 1998 16:57:05 -0500
I wrote:
I think this hits the nail squarely on the head. If the data owner believes that attackers have the means and motive to intercept their traffic as it traverses public telecom networks, then additional security is warranted. If the data owner doesn't believe the attackers' benefits will outweigh their costs, then encryption is unnecessary.
At 3:21 PM -0600 4/22/98, Henry Hertz Hobbit wrote:
I have news for you. The public telecom networks are *not* all that secure. .... I would advise you that telcos are far more vulnerable than you want to believe.
I would advise you that Kevin Mitnick was accused of playing these games over 15 years ago and that the technology has simply improved over the years. The fact that outsiders can manipulate phone switch behavior makes it just about as vulnerable as anyone might want to believe. To repeat my original point -- figure out what you have to lose if someone interferes with your data. Figure out how difficult and reliable the defense measures are. Make the trade off. Lots of people are going to look for security measures, but some folks aren't.
.... Any system you consider for longer distances would be best if it had time-based passwords. Please, let's not get into a discussion of the hacker stealing the password generating algorithm.
If the long distance link is encrypted with a strong algorithm and key, then reusable passwords aren't quite as risky. If the link isn't encrypted, then neither a time based password or a challenge response system like SafeWord is going to protect you from hijacking, unless you reauthenticate for each transaction. Some really paranoid SafeWord customers do that, like a certain bank that got burned for several hundred thousand a few years back. Hijacking is a risk if you've got hackers in the phone switch. Rick. smith () securecomputing com
Current thread:
- Frame relay security Lyndon David (Apr 20)
- Re: Frame relay security Jeff Sedayao (Apr 20)
- Re: Frame relay security Michael Shields (Apr 27)
- Re: Frame relay security cbrenton (Apr 20)
- <Possible follow-ups>
- RE: Frame relay security Brock, Todd A (Apr 20)
- RE: Frame relay security Rick Smith (Apr 22)
- RE: Frame relay security Henry Hertz Hobbit (Apr 22)
- RE: Frame relay security Rick Smith (Apr 22)
- RE: Frame relay security Vin McLellan (Apr 22)
- RE: Frame relay security Rick Smith (Apr 22)
- Re: Frame relay security Jeff Sedayao (Apr 20)
- re: frame relay security -= ArkanoiD =- (Apr 26)