nanog mailing list archives
Re: "top secret" security does require blocking SSH
From: Alex Bligh <amb () gxn net>
Date: Sun, 09 Jul 2000 21:12:02 +0100
"Derrick" <Derrick () anei com>
Blocking SSH is a weak solution.
I wrote:
No. We are just rapidly approaching the point where people realize it has always been the case that this is impossible.
I meant it has always been the case that blocking covert channels of communication was technically impossible. You can tunnel ssh or equivalent through email wordcounts if you really feel the need. I'm not an expert, but there is good information theory that says once you allow more than trivial bit rates in/out of an organization, blocking covert communication encapsulated one way or another becomes extremely hard. -- Alex Bligh VP Core Network, Concentric Network Corporation (formerly GX Networks, Xara Networks)
Current thread:
- RE: RBL-type BGP service for known rogue networks?, (continued)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Rodney Joffe (Jul 08)
- Re: RBL-type BGP service for known rogue networks? John Payne (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Dana Hudes (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 09)
- "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Re: "top secret" security does require blocking SSH Alex Bligh (Jul 09)
- RE: "top secret" security does require blocking SSH Derrick (Jul 09)
- Re: "top secret" security does require blocking SSH Alex Bligh (Jul 09)
- RE: "top secret" security does require blocking SSH Roeland M.J. Meyer (Jul 09)
- RE: "top secret" security does require blocking SSH Christopher Palmer (Jul 10)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 08)
- RE: "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Re: "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Open Broadcast Amplifier networks list. Simon Lyall (Jul 12)
- Re: "top secret" security does require blocking SSH Stephen Sprunk (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Richard Irving (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Derek J. Balling (Jul 09)