North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Clarification needed on ATM
- From: Valdis.Kletnieks
- Date: Thu Jun 06 13:10:14 2002
On Thu, 06 Jun 2002 08:23:14 EDT, Rich Sena <email@example.com> said:
> OK - sorry if this is elementary - however I am dealing with a challenge
> to the security of some ATM links that we have connecting remote
> facilities to a main campus. The connections are all PVPs with individual
> PVCs defined point to point. The concern that is being raised is that
> although these connections appear point-to-point PVCs to the router
> interfaces at our sites and our main campus - they are more than likely
> switched SVCs on the provider backbone...
Do the security analysis further. You only care about the difference if
it means that different classes of people can do Something Evil to you.
So, for instance, if you asked for fiber because it requires physical access
and at least a bit of clue to tap, and instead one hop is over microwave,
that *is* a problem, because you can often tap microwave without having to get
physical access to the towers. I would say that the actual media used
for the circuit *is* a valid security issue. On the other hand, the media
used probably has little or no relationship to whether it's nailed or not.
So let's think. There's two classes of people you need to worry about:
1) rogue employees of your carrier. Here, the distinction doesn't matter,
because they can do Something Evil whether it's a nailed connection or
a virtual connection.
2) outside agents. Again, if they can do Something Evil when it's a virtual
connection, making it a nailed connection won't slow them down much.
If your security needs are so stringent that you care about the distinction
between virtual and nailed connections, it's time to start deploying in-depth
Yes, somebody could hijack a virtual connection by hacking one of the
switches involved, to either perform a MITM attack or a DoS attack.
In the first case (MITM attack), you should be using an end-to-end
authentication/encryption scheme. After all, MITM attacks can happen elsewhere
along the path (it's amazing how many cases I've heard of where a rogue PC or
hacked server on the same subnet as the target server was used to MITM by the
simple expedient of sending forged ICMP Redirect packets).
In the second case (DoS), you should be utilizing multihoming (remember
that they can DoS you by using a chainsaw - you slice the cables, it doesn't
matter what sort of connection it used to be. Anybody who hasn't had a chat
with a backhoe operator hasn't been in this business for long ;)
Also, remember that although outside hackers from some 2nd/3rd world country
are getting all the attention, the *really* bad news is usually a disgruntled
(possible former) employee.
Computer Systems Senior Engineer
Description: PGP signature