Firewall Wizards mailing list archives
RE: Air gap technologies
From: Elad Baron <elad () whale-com com>
Date: Thu, 25 Jan 2001 10:21:01 -0500
So how does it boot, then?
Any computer, to be useful, runs some kind of an operating system. It may be a program you wrote, or it may be a program someone else wrote, but if it walks like an operating system and quacks like an operating system, then it's an operating system.
An operating system defines processes, and governs their activities (privileges, scheduling, private address space, etc). It also provides general services that help processes with communication issues, synchronization, transparent hardware access, etc. Like always, the more functionality you give and the wider the area you cover - the more chances for security holes in the implementation.

The e-Gap appliance DOES NOT have an operating system. It has only a micro-controller (8051 compatible) which governs the SCSI controller (used to implement the memory device). The assembly language code of that micro-controller is in ROM and can not be changed by software. Moreover, the logic that disconnects the SCSI wires (i.e., disconnects the memory device from one side and connects it to the other) is implemented in CPLDs (logic gate arrays), and is activating analog switches for the disconnection of the wires. Obviously, the appliance has no TCP/IP address nor stack.

The benefit of the above is that even if someone exploited the external server and is trying to tamper with the SCSI protocol (which was not designed for security!), s/he will not be able to exploit any vulnerability in the SCSI drivers of the internal e-Gap (if any exist), since s/he will be talking to an unprogrammable "dumb" device. When the device is disconnected from the outside and connected to the inside, it is being reset, and a ROM version of the SCSI protocol is being used to talk to the Internal server.

Does that walk like Windows NT and quack like Unix?