OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [PEN-TEST] Datacenter Wiring
From: Darryl Luff (darryllSNAKEGULLY.NU)
Date: Thu Oct 19 2000 - 05:10:37 CDT

Tom Litney wrote:
>
> I would like to throw a topic out for discussion to all you pen-experts out
> there. When examining datacenters you usually find that the wires are
> either run out in the open (loose under raised floor is considered to be in
> the open for this discussion) or hidden in conduit. From a penetration
> standpoint do you feel it is easier to compromise exposed wiring or "hidden"
> wiring? I'm interested in opinions regarding the ease of identifying the
> target wire as well as the ability to avoid detection. Assume that the
> penetration could include tapping, inductive sniffing, electromagnetic
> disturbances, etc. Which wiring technique would you suggest your clients
> use to provide them with the "best" security against penetrators? So do you
> consider yourself a "wire walker" or a conduit person?
>
> Basic Assumptions: We are talking about a normal datacenter here not some
> superspook site with poison gas filled conduit or wire buried in tons of
> concrete. Also, the exposed wiring is assumed to be tastefully done (not
> some "rats nest") and well labeled.
>
> Tom

Defence standards (here anyway) are for wiring to be run in clear
conduit in the open, so any taps are exposed. If it has to run through
hidden areas it has to be in welded steel, and then physically checked
regularly. This seems pretty secure.

Normally though I'd say the easiest to compromise would be a wall outlet
in an obscure spot. They're normally patched in with no MAC filters etc.
So just plug in. So I guess I'm a "lazy" person.