Firewall Wizards mailing list archives
Re: Security of satellite links into an organisation
From: Chris Keladis <chris () cmc cwo net au>
Date: Sat, 27 Jan 2001 08:31:46 +1100
Tom wrote:
An attacker could do traffic analysis, read senitive data and correlate insensitive data to useful information etc.. If you allow inbound logins via one-time-passwords or use weak key exchange protocols for encrypted logins, it may be posible to hijack valid inbound connections after the authentication has taken place.
Allthough i am not a Satellite engineer i understand it is possible to use various forms of crypto with your Satellite link.. Probably anything up to 3DES. This is up to your ISP and their Satellite provider(s) and the hardware they use. There is also the fact that you need various parameters to tap into the Satellite stream. These by no means were designed with security in mind, but you need these additional 'settings' like the PID of a certain broadcasted stream, making it just a little bit trickier than just "receiving the stream".. I guess dish alignment, and selecting the right bird, fall into this category as well. The old 'security through obscurity' argument :) Interestingly enough, once you have the PID and other settings, assuming a feed for multiple POPs within an ISP, you can snoop ALL the traffic within that particular PID. (I actually tested this in a previous life). So segmentation between the PIDs could be a mitigating factor to security, allthough it may be impractical to get a PID of your own especially if your downstream from an ISP who use Satellites.
The link to the satellite isn't physicaly protected like a link throu a wire, so it's easy for an attacker to attack/eavesdrop on you.
It depends.. If you penetrate a wire, you can tap communications both ways (assuming clear-text), whereas with Satellite you can only view received traffic, not to mention having to guess the right bird, PID and associated settings. Thinking out aloud, i guess broadband cable inherets the same fundamental properties.. I know the bird, alignment & PID info can be gleaned by social engineering and further details gained from the WWW, but these are all points which need to be addressed for a successfull attack. My personal opinion is if their left in the clear, and not authenticated, their both as insecure as each other, one just requires slightly more work :^) VPNs address this issue quite well, abstracting the connection between two systems, from the links physical properties. Regards, Chris. _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Security of satellite links into an organisation Wigg, Guy G (Jan 25)
- Re: Security of satellite links into an organisation Tom (Jan 26)
- Re: Security of satellite links into an organisation Chris Keladis (Jan 26)
- <Possible follow-ups>
- RE: Security of satellite links into an organisation Randy Garbrick (Jan 25)
- RE: Security of satellite links into an organisation LeGrow, Matt (Jan 25)
- Re: Security of satellite links into an organisation dharris (Jan 25)
- RE: Security of satellite links into an organisation Wigg, Guy G (Jan 26)
- RE: RE: Security of satellite links into an organisation Safier, Adam (GEIO) (Jan 26)
- Re: Security of satellite links into an organisation Tom (Jan 26)