ADSM-L

Re: (Fwd) ADSM data security

2015-10-04 18:07:24
Subject: Re: (Fwd) ADSM data security
From: Dwight E. Cook [SMTP:decook AT AMOCO DOT COM]
To: ADSM-L AT VM.MARIST DOT EDU
     I would also have to add one that applies here at amoco.

     What random hacker, in a semi-secure environment can afford, sneak =
in,
     and maintain enough DASD & processing power to capture the 300+ GB =
of
     s$%%$, I mean stuff, that is thrown at the server daily! (well
     actually every 1/3rd of a day, the other 2/3rds of each day is =
spent
     just moving it all around on the server)

     They would have to be on a subnet along the path from the client to
     the server to begin with.  (or you've got some bad router problems)
     They could eliminate other node's network traffic fairly easily.  =
THEY
     COULD NOT (shy of spending a million dollars) KEEP UP WITH THE FLOW =
OF
     DATA!

     Hey, what a way to justify a dedicated fddi environment for ADSM
     server & clients.  (or an upgrade from 10BaseT)
     "Well, we have to install dedicated fddi across the campus, =
multiple
     fddi cards in the server and additional fddi cards in all the =
clients.
     It is a security matter!"
     'Cause ya just can't easily tap into a fiber cable! Even with all =
the
     right equipment and all the time in the world it still screws up =
;-)

     Whoa Kent, ahhh... for a second I thought that read pyrotechnics...

     anyway,
            Later,
                   Dwight


______________________________ Reply Separator =
_________________________________
Subject: (Fwd) ADSM data security
Author:  ADSM-L (ADSM-L AT VM.MARIST DOT EDU) at unix,mime
Date:    6/19/97 1:16 PM


We have some people at our university who are hesitant to use ADSM =
because of
security reasons.  I believe that they are concerned of the possiblity =
that
ethically-challenged people may sniff networks, intercept the backup =
data,
and recreate files containing sensitive data.

My response to this concern is the following.

1) I presume that file data and ADSM specific data is packed into an =
ADSM
non-public domain protocol.  So, anybody sniffing would have to =
understand
and/or re-engineer this protocol.

2) We force the client to compress the data, so no clear text is =
transferred
on the network.  So, anyone trying to intercept that data would have to
collect complete data transmissions, understand the protocol, and =
uncompress
the files, in order to gain access to any sensitive data.

o Is there an official response addressing security of ADSM data on the
network?
o Are there any stronger arguments showing that security is not a =
concern?
o What are valid concerns for security exposure of ADSM data?

Responses anyone?

Kent

--
Kent Johnson                        Internet: johnsk6 AT rpi DOT edu
Kent Johnson                        Internet: johnsk6 AT rpi DOT edu
Unix Systems Programmer (VCC 323)      Phone: (518) 276-8175
Rensselaer Polytechnic Institute         Fax: (518) 276-2809

<Prev in Thread] Current Thread [Next in Thread>