=====================================Kaos=Keraunos=Kybernetos============== .+.^.+.| Ray Arachelian |Prying open my 3rd eye. So good to see |./|\. ..\|/..|sunder@sundernet.com|you once again. I thought you were |/\|/\ <--*-->| ------------------ |hiding, and you thought that I had run |\/|\/ ../|\..| "A toast to Odin, |away chasing the tail of dogma. I opened|.\|/. .+.v.+.|God of screwdrivers"|my eye and there we were.... |..... ======================= http://www.sundernet.com ========================== ---------- Forwarded message ---------- Date: Mon, 24 Nov 1997 20:50:10 -0500 From: "Stout, William" <StoutW@pios.com> To: "'ntsecurity@iss.net'" <ntsecurity@iss.net> Subject: RE: OFF-TOPIC RE: [NTSEC] - cheap tempest solution

----- Original Message ----- From: Tim Lebrun [SMTP:tlebrun@internetmci.com]

This may be a stupid question, but what is tempest monitoring? And what kind of information can you get from doing it?

Ooh, ooh, something I was trained in once. Tempest protection is the ability to prevent undesirable signals from escaping a computer system. In the old days, electro-mechanical teletypes were used by the military. Someone discovered that placing a signal analyzer on the power feed shows what character is represented by each signal spike. Automating the translation gives you a mirror output of each message someplace else. Electrical filters (not just transformers which can pass these signals) prevent this. Present day keyboards and mice also radiate signals, readable even though the device is within the FCC part 15 class A or B device signal emanation restrictions. Both tube-type and LCD displays are big transmitters, and can be read by receivers connected to similarly phased displays. The receivers can be in a nearby building, van, plane or satellite. Makes you think twice when typing PGP messages or 'accidentally' hitting a 'can be used against you' newsgroup. Search for 'Van Eck' for more data. Physical metallic shielding (and thorough testing) fixes this. Network wires and equipment are also major radio transmitters, metallic types are readable from a distance, and of course networks can be directly tapped, even glass fiber. (It's been found in military environments, a simple wire was surreptitiously stretched above a ceiling, and which would act as a retransmitter.) All cables are guilty of transmitting readable signals if not properly shielded and filtered. Van Eck/tempest exploiting devices are used in the military/spy/wire-fraud/'drug war' business and in both government sponsored and private corporate espionage. Don't confuse EMP (Electro-Magnetic Pulse) protection with Tempest, since EMP is a high-energy pulse (such as created by a nuclear burst) that generates a high-voltage electrical pulse in both plugged in and off-line electronic equipment, and typically frys all unshielded electronics. Same effect as a power surge, but affects all circuits, even parts sitting on shelves. HERF guns do the same thing. Damn. I'm also guilty of contributing to the noise and 'firewalls-list' demise of NTsecurity list. Bill Stout