Security Basics mailing list archives

Re: inter-site WAN security question


From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 4 Jul 2007 20:46:21 +0200

On 2007-07-04 nobledark () hushmail com wrote:
> 1st post - I had a hypothetical question posed to me that I could 
> not answer so I thought that I would ask the list. Here's the 
> scenario:
>
>  - Two sites, s1 and s2
>  - s1 and s2 have the need for a bi-directional WAN link
>  - The WAN link would be secured via a VPN and all traffic would be 
>    tunneled through the VPN
>  - Both sites are connected via broadband links; s1 is on a cable 
>    modem and s2 utilizes a fractional T-1.
>  - There are 5 hops between s1 and s2.
>
> Given this scenario, the question was, how anonymous can the 
> connection be between these sites? Put a different way, assuming 
> that s1 and s2 are secure and not under hacker control, how much of 
> a threat is there of a 3rd party monitoring the traffic stream over 
> the route between the sites and discovering that they are talking 
> to each other?

Anyone who is able to sniff packets along the route will be able to
discover *that* they are talking to each other. The risk of someone
discovering *what* they are talking to each other depends on the
strength of the cryptography the VPN uses.

If you want to conceal the fact that there's communication between the
two sites you need something like onion routing.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
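
The distinction drawn in the reply above, as an added example that is not part of the original thread: what an on-path observer without the keys can read from VPN traffic, assuming the VPN is IPsec ESP in tunnel mode between two gateways (the thread does not name a VPN protocol). The gateway addresses, SPIs and random "ciphertext" are constructed sample data.

```python
import ipaddress
import os
import struct

def build_esp_packet(src, dst, spi, seq, ciphertext):
    """Construct an IPv4 packet carrying ESP (protocol 50); sample data only."""
    total_len = 20 + 8 + len(ciphertext)
    ip_header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, total_len, 0, 0, 64, 50, 0,   # checksum left 0 in this sample
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return ip_header + struct.pack("!II", spi, seq) + ciphertext

def observer_view(packet):
    """Return what an on-path sniffer without the VPN keys can read."""
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    view = {
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "protocol": proto,
        "size": total_len,
    }
    if proto == 50:  # ESP: SPI and sequence number are sent in the clear
        spi, seq = struct.unpack("!II", packet[ihl:ihl + 8])
        view.update(spi=spi, seq=seq, opaque_bytes=total_len - ihl - 8)
    return view

def summarize(packets):
    """Aggregate per-endpoint-pair metadata: who talks to whom, how much."""
    flows = {}
    for pkt in packets:
        v = observer_view(pkt)
        key = (v["src"], v["dst"])
        count, size = flows.get(key, (0, 0))
        flows[key] = (count + 1, size + v["size"])
    return flows

# Constructed capture: gateway addresses are documentation-range placeholders.
S1_GW, S2_GW = "192.0.2.10", "198.51.100.20"
CAPTURE = [
    build_esp_packet(S1_GW, S2_GW, 0x1001, 1, os.urandom(64)),
    build_esp_packet(S2_GW, S1_GW, 0x2002, 1, os.urandom(128)),
    build_esp_packet(S1_GW, S2_GW, 0x1001, 2, os.urandom(64)),
]

if __name__ == "__main__":
    for pair, (count, size) in summarize(CAPTURE).items():
        print(pair, count, "packets,", size, "bytes")
```

The endpoints, packet counts, sizes and timing stay readable at every hop; only the bytes after the ESP header depend on the strength of the VPN's cryptography.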

