Sophie

Sophie

distrib > Mandriva > 2010.1 > x86_64 > by-pkgid > 965e33040dd61030a94f0eb89877aee8 > files > 5163

howto-html-en-20080722-2mdv2010.1.noarch.rpm

<HTML
><HEAD
><TITLE
>Countering interception of telephony links</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Remote Serial Console HOWTO"
HREF="index.html"><LINK
REL="UP"
TITLE="Security"
HREF="security.html"><LINK
REL="PREVIOUS"
TITLE="Log attempted access"
HREF="security-log.html"><LINK
REL="NEXT"
TITLE="Configuring a kernel to support serial console"
HREF="kernelcompile.html"></HEAD
><BODY
CLASS="SECTION"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Remote Serial Console HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="security-log.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 9. Security</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="kernelcompile.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECTION"
><H1
CLASS="SECTION"
><A
NAME="SECURITY-INTERCEPTION"
></A
>9.12. Countering interception of telephony links</H1
><P
>Modems calls over telephones can be intercepted.  This can be
   an issue if you do not trust a telecommunications carrier in your
   call's path, or if you do not trust the law enforcement agencies
   that may request interception facilities from that carrier.</P
><P
>International calls are particularly exposed.  Calls which
   are routed across satellite or wireless links can be intercepted by
   readily-available radio receivers.  Calls routed across undersea
   links are much more expensive to intercept, so this is probably
   limited to national governments, such as those using the <A
HREF="http://cryptome.org/cryptout.htm#Echelon"
TARGET="_top"
>Echelon
   system</A
>.</P
><P
>If you do not pass sensitive data over the link, then the
   major exposure is typing in your user name and password.  Look into
   <A
HREF="http://freshmeat.net/projects/pam_skey/"
TARGET="_top"
><SPAN
CLASS="APPLICATION"
><SPAN
CLASS="ACRONYM"
>S/KEY</SPAN
></SPAN
></A
>
   or look into <A
HREF="http://inner.net/opie/"
TARGET="_top"
><SPAN
CLASS="APPLICATION"
><SPAN
CLASS="ACRONYM"
>OPIE</SPAN
></SPAN
></A
>
   and its related <A
HREF="http://www.tho.org/~andy/pam-opie.html"
TARGET="_top"
><SPAN
CLASS="APPLICATION"
>An
   <SPAN
CLASS="ACRONYM"
>OPIE</SPAN
> for
   <SPAN
CLASS="ACRONYM"
>PAM</SPAN
></SPAN
></A
>.</P
><P
>These one-time password systems have flaws, a good summary of
   these is <I
CLASS="CITETITLE"
>Vulnerabilities in the
   <SPAN
CLASS="PRODUCTNAME"
><SPAN
CLASS="ACRONYM"
>S/KEY</SPAN
></SPAN
> one time
   password system</I
> by Peiter &#8216;mudge&#8217;
   Zatko.</P
><DIV
CLASS="WARNING"
><A
NAME="SECURITY-INTERCEPTION-KEYS"
></A
><P
></P
><TABLE
CLASS="WARNING"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="../images/warning.gif"
HSPACE="5"
ALT="Warning"></TD
><TH
ALIGN="LEFT"
VALIGN="CENTER"
><B
>Cryptographic key material</B
></TH
></TR
><TR
><TD
>&nbsp;</TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>Possessing cryptographic key material, such as a one-time
    password generator or list of one-time passwords, is a serious
    criminal offense in some countries.</P
><P
>You must acquiant yourself with the laws in your
    jurisdiction and the laws of jurisdictions you may travel
    through.</P
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="WARNING"
><A
NAME="SECURITY-INTERCEPTION-LAW"
></A
><P
></P
><TABLE
CLASS="WARNING"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="../images/warning.gif"
HSPACE="5"
ALT="Warning"></TD
><TH
ALIGN="LEFT"
VALIGN="CENTER"
><B
>Defeating telecommunications interception</B
></TH
></TR
><TR
><TD
>&nbsp;</TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>Taking steps to defeat or avoid legislatively-approved
    telecommunications interception is a serious criminal offense in
    some countries.</P
><P
>You must acquiant yourself with the laws in your
    jurisdiction and the laws of jurisdictions you may travel
    through.</P
></TD
></TR
></TABLE
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="security-log.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="kernelcompile.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Log attempted access</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="security.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Configuring a kernel to support serial console</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional