Firewall Wizards mailing list archives

Re: Air gap technologies


From: Aleph One <aleph1 () underground org>
Date: Tue, 23 Jan 2001 14:21:17 -0800

On Tue, Jan 23, 2001 at 04:05:08PM -0500, Frederick M Avolio wrote:
At 12:22 PM 1/23/01 -0800, Aleph One wrote:
What I should have said is that these dual-host systems implemented with a
physical air gap and dual-host systems implemented via some other type
of point-to-point connection (such as a serial cable) have the same exact
security properties.

With the added property that the cable is only ever connected to one side 
or the other at a time?

A disconnected cable is just as good, to a very close approximation, as a 
connected cable where there is no software listening to any requests on it.
The switch behavior of listening or not listening to requests by one
host or the other can easily be emulated in software. The only attacks
on the connected system when the software is not listening to requests that 
are not possible on the physically disconnected system are attacks against 
the hardware implementing the serial port and the kernel device driver.

The physical gap in the other system is really an illusion. There is
a logical connection between the two systems.

Anyway... I tire of this discussion and I am sort of hoping the moderator 
decides to pull the plug. As a friend of mine says, I don't have any dogs 
in this fight. I don't want to sound like I am brushing anyone off, but I 
am caring less and less whether I convince anyone of my opinion in this.

;-)

Fred

-- 
Aleph One / aleph1 () underground org
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

