The following is excerpted from Bruce Schneier's CRYPTO-GRAM newsletter. For more information about the newsletter, go to <http://www.counterpane.com/crypto-gram.html>. ============================================ There is very little technical information available about Invicta's technology. The Web site is useless. I tried contacting the company, and was told that they are still filing patents and technical details are only available under NDA. I received a single four-page white paper that was long on hyperbole and short on details. ... There are some hints as to what they're doing. Near as I can tell, Invicta's "Variable Cyber Coordinates system" is a hardware security product that constantly changes the IP addresses of computers on a network. The idea is that if hackers want to target your company, they won't be able to attack the machines because they don't know their addresses. ... I also wouldn't agree that it's "a completely different direction than anybody else." In another newsletter, Crispin Cowan wrote: "DARPA (Defense Advanced Research Projects Agency) explored this idea in a red team experiment several years ago. The defenders employed the randomized address technique, without the attacker's knowledge. The technique significantly slowed the attackers, until they figured out what was going on, at which point effectiveness diminished. Problem: the effective random search space (the size of your subnet) is small." I received another e-mail saying that the Invicta system is similar to something called NetEraser from SAIC. Note to the U.S. Patent Office: please look at the prior art before you issue Invicta a patent. ============================================ It also gives a URL for Invicta's web site: <http://www.invictanetworks.com/>. >From reading their White Paper, it seems to me that they are trying to keep the computers on the local lan available on the internet with something called an "Invicta Secure Gateway" that looks a bit like a firewall or more likely a border router that is only allowing certain traffic through. Eric Johnson _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
