Firewall Wizards mailing list archives
RE: Frame relay security
From: "Brock, Todd A" <brockt () uf9307p01 BirminghamAL ncr com>
Date: Mon, 20 Apr 1998 10:32:04 -0400
+Uncloak+ I too would be REAL interested in any responses to this inquiry. Because I am VERY doubtful that there will be any but purely anecdotal response supporting the assumption of insecurity or known hacks or eavesdropping etc. on a Frame link. IMHO if you think Frame is insecure, then you might as well assume that ALL public telecommunication is. (This includes "private" leased lines). BTW, I have no affiliation with any Telco or related blah, blah... T. Brock +Cloak+ David Lyndon wrote: >I am working on a very big job where we are putting in firewalls in >three datacenters on three continents. Bigcorp currently has all its >intersite traffic going over Frame relay world wide and does not encrypt >it. We said, that is a very bad idea as your data has a very high value >if it gets out ahead of the announcements. You should encrypt it, better >than that you should put your site to site traffic through these nice >firewalls that we are putting in for you and not only encrypt it but use >the firewalls to control access between sites. > >They said, we asked our frame relay provider if they are secure and they >said yes and we believe them. I said, they can say that but I dont >believe it for a minute. > > >So to cut a long and tedious conversation short I would very much like >to hear from anyone stories of how frame relay connections have been >tampered with so that the traffic can be listened to. Listening is >enough, the data does not have to be changed. > >EG. A long time ago I heard a story of how an ISDN connection between >two sites was listened to by sending in a false maintenance note that >meant that the engineer put the switch into maintence mode. Mr >evesdropper then was able to connect to the maintence interface of the >switch and listen to everything going past. > >Any info would be good, specifics cases with names changed to protect >the non so innocent would be better. Please feel free to send me >specifics under cover of the woefully inadaquate export grade SMIME key. >For the truly paranoid you can find a mans strength key at >www.belsign.com > >www.belsign.com > >Thanks for your time. > > >Lyndon David >
Current thread:
- Frame relay security Lyndon David (Apr 20)
- Re: Frame relay security Jeff Sedayao (Apr 20)
- Re: Frame relay security Michael Shields (Apr 27)
- Re: Frame relay security cbrenton (Apr 20)
- <Possible follow-ups>
- RE: Frame relay security Brock, Todd A (Apr 20)
- RE: Frame relay security Rick Smith (Apr 22)
- RE: Frame relay security Henry Hertz Hobbit (Apr 22)
- RE: Frame relay security Rick Smith (Apr 22)
- RE: Frame relay security Vin McLellan (Apr 22)
- RE: Frame relay security Rick Smith (Apr 22)
- Re: Frame relay security Jeff Sedayao (Apr 20)
- re: frame relay security -= ArkanoiD =- (Apr 26)