Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
"Gimme an intel IXA network processor and no problem. ATM is fixed size data, not as tricky as IP decoding. Predicatable bandwidth. Stream all into megadisks, analyze later." I'm gonna have to challenge this bit here, Variola. Let's back up. You've got an OC-48 or OC-192 fiber and you want to grab ALL of the data in this fiber. Now I'll grant that in real life there's going to be a lot telephony circuit in there, but let's take a worst-case and assume you need ALL the data. What's in this OC-192? Right now it definitely ain't 10Gb/s of packets. It's going to have LOTS of DS1s, DS3s and, if you're lucky, and STS-3c or two. So you'll need to first of all demux ALL of the tributaries. Next, you've got to un-map any ATM in each of the DS1s, etc, and then pull out the IP data from the ATM cells, remembering to reassemble fragmented packets (and there will be plenty with ATM). And remember, you may have to do this for 5000 simultaneous DS1s. Oh, and let's not forget pointer adjustments. You can't just blindly grab stuff...remember that all those tribs come from different STRATUM 1/3 clocks, so they'll be moving at different speeds and as a result have periodic slips w.r.t the STS-192 container. And that's just one fiber. How will you actually get all of this traffic back to HQ? Remember, it keeps coming and won't stop. No, I think I'm becomming convinced that they can't yet get ALL of it. But they DO probably grab complete wavelengths and backhual them, storing them for later study. (They must do some grooming too. For instance, they probably CALEA everything into and out of Brooklyn, and then that will get switched over to the Beltway where it will be packed into a GIG-BE OC-768 back to storage and processing.) -TD
From: "Major Variola (ret)" <mv@cdc.gov> To: "cypherpunks@al-qaeda.net" <cypherpunks@al-qaeda.net> Subject: Re: Email tapping by ISPs, forwarder addresses, and crypto proxies Date: Sun, 18 Jul 2004 22:35:19 -0700
At 01:07 PM 7/18/04 -0500, J.A. Terranson wrote:
Let me fill in what he left out. Yes, the industry is moving towards MPLS over POS. That's not where it is now though. At least not for most interfaces. Right now the industry is chock full of lagacy gear, mostly old fashioned ATM. You think you can just casually reassemble this crap in transit? Let's see it!
Gimme an intel IXA network processor and no problem. ATM is fixed size data, not as tricky as IP decoding. Predicatable bandwidth. Stream all into megadisks, analyze later. You need to tap the MPLS label assignment service (or watch all the egress ports and correlate to endpoints) too to know which ATM chunks went where.
Besides that old fashioned transport diversity, we have the original problem: even if you could do it (maybe in three to five years), what are you going to do with the data you've snarfed? Backhaul it? Shove it into TB cassettes? Better keep a guy on staff to change the tray!!
You don't know about tape robots, or offline indexing, eh?
_________________________________________________________________ Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
participants (1)
-
Tyler Durden