Re: [PEN-TEST] Datacenter Wiring

["Frasnelli, Dan" <dfrasnel () COREWAR COM>]

> either run out in the open (loose under raised floor is considered to be in
> the open for this discussion) or hidden in conduit.  From a penetration
> standpoint do you feel it is easier to compromise exposed wiring or "hidden"
> wiring?  I'm interested in opinions regarding the ease of identifying the

Unauthorized physical access to a datacenter probably indicates a
more serious issue than how one arranges wiring.  The attacker
will not care whether its conduit or open wiring once inside.
Same goes for the inside threat vector.. a malicious insider
with access and knowledge of critical nodes indicates insufficient
background investigation or overlooking signs of malcontent.
In short, physical access usually equals network access.

> disturbances, etc.  Which wiring technique would you suggest your clients
> use to provide them with the "best" security against penetrators?  So do you
> consider yourself a "wire walker" or a conduit person?

Conduit lowers the effectiveness of excuses if the intruder is
caught.  Its more plausible that "I wanted to see why my desktop
 fell of the network" than "Oh, I ripped out conduit and attached
 a phantom tap in a fit of rage.  Sorry.".

If you start with the assumption that physical access is
secure, you can suggest evaluating the vmps feature of
Cisco's IOS.  Simply, vmps manages a database of mac addresses
and can shut down a switch port if an unrecognized device
is connected.  A switched network with vmps implemented
reduces the risk of sniffing and network connectivity
if an intruder gains physical access.

-dan