Path: utzoo!utgpu!water!watmath!clyde!bellcore!rutgers!gatech!bloom-beacon!husc6!cmcl2!brl-adm!adm!roberts@cmr.icst.nbs.gov
From: roberts@cmr.icst.nbs.gov (John Roberts)
Newsgroups: comp.unix.questions
Subject: wiretapping techniques
Message-ID: <16625@brl-adm.ARPA>
Date: 25 Jul 88 15:46:47 GMT
Sender: news@brl-adm.ARPA
Lines: 29

With few exceptions, I think the following can be considered true:

1) A network cannot be considered secure if the physical links are not
   secure.

2) Unless you have taken extraordinary measures, your equipment is probably
   susceptible to electronic eavesdropping. These measures are generally
   expensive, and unlikely to be implemented except at sensitive sites.
   Some of these measures are described in the appropriate government
   documents (which may be classified).

I think that open discussion of weak points and breakin techniques is likely
to cause much more harm than good, since not everyone will be willing and
able to take measures, and presumably a number of people who are willing but
unable to break into other systems will take advantage of the information.
I do not object to general cautions, but discussion of specific techniques
to break security seems to be way out of line. (Or perhaps I'm wrong, and we
should start posting circuit diagrams of spy equipment :-)

As an example of a more reasonable approach, if you should happen to
discover a way to break into any Unix system, DO NOT post it to the net as a
public service. You might quietly send a note to the designers, and they
might come up with a patch and quietly distribute it, perhaps without even
saying what it's for, and everyone can laugh about the situation afterward.
For situations where the problem is unlikely to be fixed (wiretapping, etc.),
EXTREME caution should be used in informing the users that there is a
security problem.

John Roberts
roberts@cmr.icst.nbs.gov