Re: ATM Security

From: Walter Roberson (roberson@ibd.nrc.ca)
Date: 06/28/02 

From: roberson@ibd.nrc.ca (Walter Roberson)
Date: 28 Jun 2002 05:08:12 GMT

In article <1619a6e2.0206272013.452133a2@posting.google.com>,
Jason <groupware@rocketmail.com> wrote:
:I am not an expert in ATM security or ATM for that matter, but as part
:of a review I am doing the following statement has been made. On face
:value I don't agree with it but was wondering if any one had any
:comments:

:Background - describing ATM connection between two companies over a
:telco public with 2 hops one on a Public ATM link then one on a
:Private ATM link on private Virtual Circuits.

:"The network is built on a high-speed backbone making data snooping
:extremely difficult. The only viable access points where data streams
:can be monitored are in fact the Company 1 or Company 2 controlled
:data centres where the network is broken down to the TCP/IP level."

Hmmm. "viable" for whom, with what value at stake?

ATM starts at OC3, 155 Mbit/second. That's not really very fast these
days, unless you are using one of the higher speed versions. It's less
than twice as fast as 100 Mbit/second that can be handled fairly easy.

ATM is often on fibre. If someone has physical access to the fibre and
can strip off the protective case, then there are known ways to get
fibres to "leak" by bending them gently.

Also, I have to ask exactly what is meant by a "hop". We had an ATM,
and I had always thought that we were one "hop" from the ISP's router,
because that's what the signalling layer and IP layer said. But then
someone said something in passing, and I realized that in fact our
fibre went from our building over to a fibre switching central site,
and was *switched* from there to the ISP. To the signalling layer and
the IP layer, this switching was transparent (indistinguishable,
essentially, from a fibre repeater). Clearly, though, this switch would
have been a good point at which to tap the fibre.