NS&AT&T

coderman coderman at gmail.com
Wed May 17 15:58:08 PDT 2006


On 5/17/06, Mike Owen <kyphros at gmail.com> wrote:
> ...
> I doubt the NSA cares about this list anymore (assuming they ever did).

hmm, i recall amusing conversations about honey tokens and baiting TLA's.
*grin*


> Back to the topic at hand, I'm sure they do policy updates via
> whatever channel they are receiving data. It's very common to just
> have a single out of band reporting/management link.

true, this is probably how it is done.
would IPsec or some NSA built auth & privacy at layer 2 be more likely?


> And I'd be surprised if these servers had any type of internal/external
> storage, such as the suggested Storedge. They most likely boot off the
> network, so if the servers are grabbed, there is only the contents of
> ram to worry about, and I'm sure there are rather explosive safeguards
> against that.

consider this vicious rumor but a little birdie informed me that
physical security at these locations is well covered.  strategically
placed cages, reinforced and locked, armed guards. all this on top of
the usually very tight security at these facilities. (though it
sounded like the guards were a recent introduction.  someone getting
nervous about legitimate employees poking around?)

so in this case i think there is probably useful data on the disks
(the filters and controlling software for the narus / other
equipment), caching might be implemented (the T3's on fibre channel
have some nice throughput, although this configuration is years old at
this point), and i very much doubt any destructive countermeasures.


> A side benefit of having the filesystem living on an
> nfs server somewhere is that the above mentioned policy updates could
> be as simple as changing a single file on the storage server, and
> having all the sniffing servers immediately updated.

network file systems introduce reliability concerns.  intermittent
link outages would mean a bit of caching in the local case, but might
cause monitoring / capture failure in a network file system scenario.

maybe we'll find out in the near future. :)





More information about the cypherpunks-legacy mailing list