nanog mailing list archives

Re: Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet


From: Jay Ashworth <jra () baylink com>
Date: Sat, 7 Dec 2013 13:18:52 -0500 (EST)

---- Original Message -----
From: "Christopher Morrow" <morrowc.lists () gmail com>

MPLS != Encryption. MPLS VPN = "Stick a label before the still
unencrypted IP packet".

great, now how do I get a private link?

MPLS doesn't secure your data, you are responsible for keeping it
secure on the wire.

but, but,but! they told me it was private!

As someone -- I think it might have been you, Chris :-) -- pointed out
to me about 6 months ago when I scoffed at SCADA networks that weren't
properly air-gapped, you can't even trust a "private T-1" -- how do you
know that an attacker hasn't put a mid-span DACS in monitor mode?

Unless you have copper conductivity from end to end, and pressurized
conduit with monitors, you can't bet on anything.

Cheers,
-- jra
-- 
Make Election Day a federal holiday: http://wh.gov/lBm94  100k sigs by 12/14

Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274
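
Added example, not part of the original message: a short Python parser that walks the MPLS label stack (4-byte entries as laid out in RFC 3032) and reads the inner IPv4/TCP packet, illustrating the point quoted above that a label is simply placed in front of the still unencrypted IP packet. The label values, addresses and payload are constructed sample data, and checksums are left at zero.

```python
import struct

def mpls_entry(label, tc=0, bottom=False, ttl=64):
    """Pack one label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def build_sample_packet():
    """Constructed sample: transport label + VPN label + IPv4/TCP + payload."""
    payload = b"GET /status HTTP/1.1\r\nHost: plant.example\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 1, 5 << 4, 0x18, 8192, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 6, 0,
                     bytes([10, 1, 1, 10]), bytes([10, 2, 2, 20]))
    return mpls_entry(16001) + mpls_entry(24, bottom=True) + ip + tcp + payload

def parse_mpls(packet):
    """Strip the label stack and return what any on-path observer can read."""
    labels, off = [], 0
    while True:
        if off + 4 > len(packet):
            raise ValueError("truncated label stack")
        (entry,) = struct.unpack_from("!I", packet, off)
        off += 4
        labels.append(entry >> 12)
        if entry & 0x100:            # bottom-of-stack bit: payload follows
            break
    inner = packet[off:]
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("payload is not IPv4")
    ihl = (inner[0] & 0x0F) * 4      # IPv4 header length in bytes
    result = {
        "labels": labels,
        "src": ".".join(map(str, inner[12:16])),
        "dst": ".".join(map(str, inner[16:20])),
        "proto": inner[9],
        "data": b"",
    }
    if result["proto"] == 6 and len(inner) >= ihl + 20:
        tcp = inner[ihl:]
        result["data"] = tcp[(tcp[12] >> 4) * 4:]   # skip TCP header
    return result

if __name__ == "__main__":
    # Nothing here required a key: the labels only steer forwarding.
    print(parse_mpls(build_sample_packet()))
```

If the payload were carried inside IPsec or TLS, the same parser would still recover the labels and outer addresses, but `data` would be ciphertext.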

