Penetration Testing mailing list archives
Re: [PEN-TEST] Datacenter Wiring
From: "Frasnelli, Dan" <dfrasnel () COREWAR COM>
Date: Wed, 18 Oct 2000 18:32:06 -0400
either run out in the open (loose under raised floor is considered to be in the open for this discussion) or hidden in conduit. From a penetration standpoint do you feel it is easier to compromise exposed wiring or "hidden" wiring? I'm interested in opinions regarding the ease of identifying the
Unauthorized physical access to a datacenter probably indicates a more serious issue than how one arranges wiring. The attacker will not care whether its conduit or open wiring once inside. Same goes for the inside threat vector.. a malicious insider with access and knowledge of critical nodes indicates insufficient background investigation or overlooking signs of malcontent. In short, physical access usually equals network access.
disturbances, etc. Which wiring technique would you suggest your clients use to provide them with the "best" security against penetrators? So do you consider yourself a "wire walker" or a conduit person?
Conduit lowers the effectiveness of excuses if the intruder is caught. Its more plausible that "I wanted to see why my desktop fell of the network" than "Oh, I ripped out conduit and attached a phantom tap in a fit of rage. Sorry.". If you start with the assumption that physical access is secure, you can suggest evaluating the vmps feature of Cisco's IOS. Simply, vmps manages a database of mac addresses and can shut down a switch port if an unrecognized device is connected. A switched network with vmps implemented reduces the risk of sniffing and network connectivity if an intruder gains physical access. -dan
Current thread:
- Re: [PEN-TEST] FW: [PEN-TEST] Forensic analisys and related training hellnbak (Oct 17)
- Re: [PEN-TEST] FW: [PEN-TEST] Forensic analisys and related training Christopher Misra (Oct 17)
- <Possible follow-ups>
- Re: [PEN-TEST] FW: [PEN-TEST] Forensic analisys and related training Oliver Petruzel (Oct 17)
- Re: [PEN-TEST] FW: [PEN-TEST] Forensic analisys and related training Alfred Huger (Oct 17)
- Re: [PEN-TEST] FW: [PEN-TEST] Forensic analisys and related training Bennett, Geoffrey (Oct 17)
- [PEN-TEST] Datacenter Wiring Tom Litney (Oct 18)
- Re: [PEN-TEST] Datacenter Wiring Frasnelli, Dan (Oct 18)
- Re: [PEN-TEST] Datacenter Wiring JLJ (Oct 20)
- Re: [PEN-TEST] Datacenter Wiring Andre Delafontaine (Oct 20)
- Re: [PEN-TEST] Datacenter Wiring c0ncept (Oct 20)
- Re: [PEN-TEST] Datacenter Wiring Peter Van Epp (Oct 20)
- Re: [PEN-TEST] Datacenter Wiring Aj Effin ReznoR (Oct 20)
- Re: [PEN-TEST] Datacenter Wiring Darryl Luff (Oct 19)
- Re: [PEN-TEST] Datacenter Wiring JLJ (Oct 19)
- Re: [PEN-TEST] Datacenter Wiring Tom Litney (Oct 20)
- Re: [PEN-TEST] Datacenter Wiring Drew Simonis (Oct 21)
- Re: [PEN-TEST] Datacenter Wiring McGann, J (Oct 21)