Firewall Wizards mailing list archives
Re: Top Secret DOD Data over the Public Internet? Thoughts?
From: "Paul D. Robertson" <paul () compuwar net>
Date: Sun, 22 Aug 2004 09:58:28 -0400 (EDT)
On Fri, 20 Aug 2004, Marcus J. Ranum wrote:
Transitive trust attacks could be gigantic, especially if you figure that it's all being tunnelled over an encrypted black core point-to-point network. How do you detect attacks and
The royal "we" have transited classified data over unclassified networks for *decades*. The PTN is still an untrusted, unclassified network- as are most public/commercial satcom nets. The major trust point is the encryption boundary. As long as you have a strong encryption boundary, then only a breach of the crypto implementation (especially the keys,) or a back-end breach on either end is a risk, same as it's been for decades. Red/black networking hasn't changed, and isn't likely to change, the real risk is in compromising the encryption boundary- such as having an endpoint that isn't multi-level secure do DNS queries, or having endpoints on the trusted net with Internet access. People who don't understand encryption and doomed to implement it poorly.
track them if they are being done over Type-1 crypto?
At the endpoints, just as it's always been done. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Top Secret DOD Data over the Public Internet? Thoughts? Gary Flynn (Aug 20)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Kevin Sheldrake (Aug 20)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Marcus J. Ranum (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Paul D. Robertson (Aug 22)
- RE: Top Secret DOD Data over the Public Internet? Thoughts? Eugene Kuznetsov (Aug 22)
- RE: Top Secret DOD Data over the Public Internet? Thoughts? Paul D. Robertson (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Marcus J. Ranum (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Christopher Hicks (Aug 20)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Marcus J. Ranum (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? George Capehart (Aug 23)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Paul D. Robertson (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Marcus J. Ranum (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Matt Curtin (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Marcus J. Ranum (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Christopher Hicks (Aug 23)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Marcus J. Ranum (Aug 22)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Chris Pugrud (Aug 22)
(Thread continues...)
- Re: Top Secret DOD Data over the Public Internet? Thoughts? Kevin Sheldrake (Aug 20)