[11406] in Commercialization & Privatization of the Internet
Re: Re[2]: Two-way Internet service from Continental Cable?
daemon@ATHENA.MIT.EDU (Mark R. Ludwig)
Thu Mar 31 19:36:18 1994
From: "Mark R. Ludwig" <Mark-Ludwig@uai.com>
To: "Robert G. Moskowitz" <0003858921@mcimail.com>
Cc: Stephen Wolff <steve@nsf.gov>, com priv <com-priv@psi.com>
In-Reply-To: <25940330220752/0003858921NA5EM@mcimail.com>
from "Robert G. Moskowitz" on Wed, 30 Mar 1994 17:07:00 EST.
Date: Thu, 31 Mar 1994 10:52:23 -0800
I'm surprised the more regular contributors who know this better than
I haven't challenged this misleading impression.
>>>>> "Bob" == Robert G. Moskowitz <0003858921@mcimail.com> writes:
S said:
>If it's a shared medium, how difficult is it for a moderately capable one
>of PSI's customers on the cable to listen in on what some other customers
>are saying? Presumably it's slightly more difficult than hanging a
>Sniffer on a vampire tap, but I wonder what safety mechanisms PSI has to
>prevent their customers from wiretapping each other?
Bob> Steve, it is soooo simple to turn a PC into an network analyser. I do it
Bob> all the time at work. A number of commercial packages for ~$1K or PD
Bob> packages do it...
Yes, and the data vulnerable to this is highly segmented, due to
network performance requirements. That is, as the network is
segmented (subnetted), typically for performance reasons, so too the
ability to sniff is diminished. If you subnet for security reasons,
you probably get a performance boost as a side-effect. Neat, huh?
(The exception comes when the majority of the traffic on the original
network now has to cross from one to the other; then you've gained
neither for security nor performance.)
I can sniff any packet to or from our network, and that's the end of
my ability. The same is true most everywhere else in the world that
there are wires or workstations in cubicles, at least without extra
effort and/or hardware. I cannot possibly sniff anything you're
doing, unless you're doing something with our network. On a broader
scale, the Internet is distributed such that it's just not possible
without _lots_ of physical connections to sniff any arbitrary person's
network traffic. You can only sniff what's traveling over the wire
where you're connected. You want to watch what's happening between
Europe and Japan? You have to figure out all the ways the packets can
get from one to the other, and have physical taps on each of those
wires.
We are a PSI customer. The Internet architecture simply gives us no
way to wiretap anything which does not involve us, including anything
to or from another PSI customer. There's nothing special about PSI,
it's just the way the Internet works.$$
--
INET: Mark-Ludwig@UAI.COM NIC: ML255 ICBM: USA; Lower Left Coast
"For crabby middle-aged movie critics, it was a pretty long night."
-- Jim Schweda reviewing _D2:_The_Mighty_Ducks_
