North American Network Operators Group


Re: New Rules On Internet Wiretapping Challenged

  • From: Vicky Rode
  • Date: Thu Nov 03 12:19:38 2005

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

in-line:

Adam Chesnutt wrote:
> This whole thread is silly! It's not hard to trap and trace a suspect. 
> It doesn't require a "Whole new generation of routers and switches"
--------------
That was exactly my understanding but I think it goes beyond that.

> 
> Correct me if I'm wrong here, but it seems to me that it's a fairly 
> trivial task to mirror and upstream, and isolate the traffic required. 
> I've performed such taps before and usually find it easily performed
> with a single FreeBSD box, and a mirrored port on the router.
---------------
True enough.


> 
> Or maybe I'm just missing the point of this thread.
---------
You might want to take a look at RFC 2804 for some background.

regards,
/virendra

> 
> Flounder
> 
> Vicky Rode wrote:
> 
> comments in-line:
> 
> Peter Dambier wrote:
> 
>>Vicky Rode wrote:
> 
>>>...Raising my hand.
> 
>>>My question is on Terry Hartle's comments, maybe someone with more
>>>insight into this could help clear my confusion.
> 
>>>Why would it require replacing every router and every switch when my
>>>understanding is, FCC is looking to install *additional* gateway(s) to
>>>monitor Internet-based phone calls and emails.
> 
>>In a datacenter you have lines coming in and lines going out. And you
>>have internal equipment.
> 
>>You have to eavesdrop on all of this because the supposed terrorist
>>might come in via ssh and use a local mail programme to send his email.
> 
> --------------
> How do you differentiate between a hacker and a terrorist?
> 
> For all you know this so called "terrorist" might be coming from a
> spoofed machine(s) behind anyone's desk.
> 
>>So you have to eavesdrop on all incoming lines because you don't know
>>where he comes in. Via aDSL? Via cable modem? Via a glass fiber?
> 
>>And you have to monitor all internal switches because you don't know
>>which host he might have hacked.
> 
>>Guess a cheap switch with 24 ports at 100 Mbit. That makes 2.4 Gig.
>>You have to watch all of these. They can all send at the same time.
>>Your switch might have 1 Gig uplink. But that uplink is already in
>>use for your uplink and it does not even support 2.4 Gig.
> 
> -------------
> There are ways to address over-subscription issues.
> 
>>How about switches used in datacenters with 48 ports, 128 ports, ...
>>Where do you get the capacity for multiple Gigs just for eavesdropping?
> 
>>On the other hand - most switches have a port for debugging. But this
>>port can only listen on one port not on 24 or even 48 of them.
> 
>>So you have to invent a new generation of switches.
> 
> ----------------
> I don't believe this is the primary reason for replacing every router
> and every switch.
> 
> I think (correct me if I'm wrong) it has to do with the wiretap
> feature (for lack of a better term) that .gov is wanting vendors to
> implement within their devices, which may be at the network stack level.
> 
> I guess it's time to revisit RFC 2804.
> 
>>How about the routers? They are even more complicated than a switch.
> 
>>As everybody should know by now - every router can be hacked. So
>>your monitoring must be outside the router.
> 
>>The government will offer you an *additional* gateway.
>>I wonder what that beast will look like. It must be able to take
>>all input you get from a glass fiber. Or do they ask us to get
>>down with our speed so they have time to eavesdrop.
> 
> -----------------
> powered by dhs w/ made in china sticker :-)
> 
> I'm not being smarty pants about this...it is actually happening. That's
> all I can say.
> 
> regards,
> /virendra
> 
>>>I can see some sort of
>>>network redesign happening in order to accommodate this but replacing
>>>every router and every switch sounds too drastic, unless I
>>>misunderstood it. Please, I'm not advocating this change but just
>>>trying to understand the impact from an operation standpoint.
> 
>>Yes, it is drastic. But if they want to eavesdrop that is the only
>>way to do it.
> 
>>>Any insight will be appreciated.
> 
>>>regards,
>>>/virendra
> 
>>Here in Germany we accidentally have found out why East Germany had
>>to finally give up:
> 
>>They installed equipment to eavesdrop and tape on every single
>>telephone line. They could not produce enough tapes to keep up
>>with this :)
> 
>>Not to mention what happened when they "recycled" the tapes and
>>did not have the time to first erase them :)
> 
>>Kind regards,
>>Peter and Karin
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDakYzpbZvCIJx1bcRAv2XAKDxgQqfs+nZMrUCR7zyKATJjfEBbgCg9/lu
N7waCSlgruy6yecfnFwO17M=
=1vBJ
-----END PGP SIGNATURE-----