more on Chinese hackers

[David Farber <dave () farber net>]

Begin forwarded message:

From: Ross Stapleton-Gray <ross () stapleton-gray com>
Date: November 27, 2005 6:00:04 PM EST
To: dave () farber net, ip () v2 listbox com
Subject: Re: [IP] more on Chinese hackers

At 02:43 PM 11/27/2005, David Wagner wrote:
> SIPRNET (the military's private network for SECRET data) is not  
> "JUST AS
> VULNERABLE" as the Internet.  That's probably partly because  
> SIPRNET is
> administered more carefully -- but the fact that SIPRNET is not
> connected to the Internet anywhere also helps.

But the SIPRNET does, in some fashion, connect to the Internet.   
Here, for example, the Marines are making SIPRNET connections via  
tunnel over NIPRNET:
http://www.fcw.com/fcw/articles/2002/1209/tec-tunnel-12-09-02.asp
"The Marine Corps is reducing the time and expense of connecting  
staff at multiple locations to the Defense Department's secure  
network by using a technique known as tunneling, which lets users  
traverse a nonsecure network to access a top-secret one..."
And the NIPRNET in turn connects to the Internet.

(It may be that the security of such a tunnel or VPN is solid against  
threats to confidentiality, BUT... the Marines now have a SECRET- 
level network whose *availability* depends on a less secure network.   
Something to think about.)

There are also relatively robust one-way gates, to allow for the  
intake of information from lower-level systems; one could presumably  
connect the raw Internet to the TOP SECRET-flavor of Intelink, say,  
using a "data diode" such as Tenix is marketing:  http://www.gcn.com/ 
24_30/security/37212-1.html

Ross


----
Ross Stapleton-Gray, Ph.D.
Stapleton-Gray & Associates, Inc.
http://www.stapleton-gray.com
http://www.sortingdoor.com





-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/