RE: Fiber optic vampire taps

• Previous message: John Smithson: "Incident Response Guidelines"
• Maybe in reply to: Nick Iglehart: "Fiber optic vampire taps"
• Next in thread: Chris Berry: "RE: Fiber optic vampire taps"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Chris Berry" <compjma@hotmail.com>
To: security-basics@securityfocus.com
Date: Fri, 27 Dec 2002 10:43:02 -0800

>From: ONEILL David J <David.J.Oneill@state.or.us>
>VPNs are not the Holy Grail for network security.

Undeniably true, VPNs are part of the current trend towards defense in depth
that is required when you don't have a true solution.

>As a matter of fact, I am suggesting that our project dump its VPN.

Without knowing what you are working on, I can't say whether that's good or
not.

>VPNs are only secure when both ends of the tunnel are electronically
>and physically secure, something that no one can insure with 99.5%
>certainty.

Totally accurrate, but irrelevant, since the purpose of a VPN is to ensure
security in between endpoints, not at the endpoints. In this particular
case, since they were worried about sniffing on a fiber optic line between
buildings, it seems to fit the bill nicely.

Chris Berry
compjma@hotmail.com
Systems Administrator
JM Associates

"I can sleep at night because my servers are secure. What's the secret you
ask? I filled them with concrete."

_________________________________________________________________
MSN 8 limited-time offer: Join now and get 3 months FREE*.
http://join.msn.com/?page=dept/dialup&xAPID=42&PS=47575&PI=7324&DI=7474&SU
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8ishere_3mf

• Next message: Robert Sieber: "RE: [Re-post] Suggestions for basic software for security"
• Previous message: John Smithson: "Incident Response Guidelines"
• Maybe in reply to: Nick Iglehart: "Fiber optic vampire taps"
• Next in thread: Chris Berry: "RE: Fiber optic vampire taps"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]