Firewall Wizards mailing list archives
Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd)
From: Rick Murphy <rmurphy () mitretek org>
Date: Mon, 19 Oct 1998 10:52:07 -0400
At 05:45 PM 10/19/98 +0400, ark () eltex ru wrote:
Hmm and how does classified side make requests? Or it does not?
It doesn't. The use that I'm aware of - the X proxy - allows you to have a single workstation between two networks. You run an X terminal connected to the classified network; a proxy server exists on the unclassified network that takes X drawing requests and directs them through the data diode to a second proxy running on the classified side. Information only flows up; the X apps running on the unclassified side get acks from the low side proxy, which is simulating an X server. Keyboard and mouse switch back and forth. You can run an unclassified application, cut some text, switch to classified, then paste to move data up.
So what protocols can it use?
TCP/IP.
Should be not so hard to implement, although..
Actually, the physical hardware is pretty straightforward. The software must have been very difficult to get working - keeping the state of the two X servers consistent with no feedback is hard. -Rick
Current thread:
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) ark (Oct 23)
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Rick Murphy (Oct 23)
- <Possible follow-ups>
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Jeremy Epstein (Oct 23)
- RE: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Jeremy Epstein (Oct 28)