North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: "top secret" security does require blocking SSH

  • From: Alex Bligh
  • Date: Sun Jul 09 16:15:01 2000

"Derrick" <[email protected]>
> Blocking SSH is a weak solution.

I wrote:
> > No. We are just rapidly approaching the point where people realize
> > it has always been the case that this is impossible.

I meant it has always been the case that blocking covert channels
of communication was technically impossible. You can tunnel ssh
or equivalent through email wordcounts if you really feel the
need. I'm not an expert, but there is good information theory
that says once you allow more than trivial bit rates in/out
of an organization, blocking covert communication encapsulated
one way or another becomes extremely hard.

-- 
Alex Bligh
VP Core Network, Concentric Network Corporation
(formerly GX Networks, Xara Networks)