From owner-freebsd-security  Wed Sep  8  9:22:44 1999
Delivered-To: freebsd-security@freebsd.org
Received: from guppy.pond.net (guppy.pond.net [205.240.25.2])
	by hub.freebsd.org (Postfix) with ESMTP id 5147614DC1
	for <freebsd-security@FreeBSD.ORG>; Wed,  8 Sep 1999 09:22:38 -0700 (PDT)
	(envelope-from dmp@aracnet.com)
Received: from aracnet.com (snapuser2-89.pacificcrest.net [216.36.34.89])
	by guppy.pond.net (8.9.3/8.9.3) with ESMTP id JAA22349;
	Wed, 8 Sep 1999 09:19:08 -0700 (PDT)
From: dmp@aracnet.com
Message-ID: <37D68D1D.14D6CAC7@aracnet.com>
Date: Wed, 08 Sep 1999 09:21:49 -0700
X-Mailer: Mozilla 4.6 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: "Jeffrey J. Mountin" <jeff-ml@mountin.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Layer 2 ethernet encryption?
References: <Pine.BSF.4.10.9909070955040.23589-100000@bsdie.rwsystems.net> <3.0.3.32.19990908100024.01d18800@207.227.119.2>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

"Jeffrey J. Mountin" wrote:
> At 01:06 AM 9/8/99 -0700, dmp@aracnet.com wrote:
>>James Wyatt wrote:
>>>
>>> There are nice 10bT to fiber (fibre in the UK) converters in the BlackBox
>>> catalog (catalogue). You chould put these oh-so-close to the router or
>>> switch in the equipment space - maybe even braid the 10bT cables to
>>> confuse any listeners there. Then 10bF cards in the machines ensure no EMI
>>> emitted in the unsecure area. - Jy@
>>
>>You'll still have EM leakage at the converter and insecure traffic.
>>Plus, you can tap a fibre line almost as easily as you can tap a UTP
>>line.
> 
> Grounded shield at the converter would solve the EM, but would make moving
> connections a real pain.

That's why we have technical assistants.  :-)

> One has to wonder why security is so paramount (barring you admitted
> paranoia).  Or does that require a clearance. 8-)

What, you mean I have to actually *have* a reason for all this?  ;)

> As for anothers mention of TEMPEST, you should check out:
> 
> http://www.eskimo.com/~joelm/tempest.html

Coincidentally, I already had that page bookmarked.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message