[IP] more on Chinese hackers
Begin forwarded message:
From: Ross Stapleton-Gray <ross@xxxxxxxxxxxxxxxxxx>
Date: November 27, 2005 6:00:04 PM EST
To: dave@xxxxxxxxxx, ip@xxxxxxxxxxxxxx
Subject: Re: [IP] more on Chinese hackers
At 02:43 PM 11/27/2005, David Wagner wrote:
SIPRNET (the military's private network for SECRET data) is not
"JUST AS
VULNERABLE" as the Internet. That's probably partly because
SIPRNET is
administered more carefully -- but the fact that SIPRNET is not
connected to the Internet anywhere also helps.
But the SIPRNET does, in some fashion, connect to the Internet.
Here, for example, the Marines are making SIPRNET connections via
tunnel over NIPRNET:
http://www.fcw.com/fcw/articles/2002/1209/tec-tunnel-12-09-02.asp
"The Marine Corps is reducing the time and expense of connecting
staff at multiple locations to the Defense Department's secure
network by using a technique known as tunneling, which lets users
traverse a nonsecure network to access a top-secret one..."
And the NIPRNET in turn connects to the Internet.
(It may be that the security of such a tunnel or VPN is solid against
threats to confidentiality, BUT... the Marines now have a SECRET-
level network whose *availability* depends on a less secure network.
Something to think about.)
There are also relatively robust one-way gates, to allow for the
intake of information from lower-level systems; one could presumably
connect the raw Internet to the TOP SECRET-flavor of Intelink, say,
using a "data diode" such as Tenix is marketing: http://www.gcn.com/
24_30/security/37212-1.html
Ross
----
Ross Stapleton-Gray, Ph.D.
Stapleton-Gray & Associates, Inc.
http://www.stapleton-gray.com
http://www.sortingdoor.com
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/