The following is excerpted from Bruce Schneier's
CRYPTO-GRAM newsletter. For more information
about the newsletter, go to
<http://www.counterpane.com/crypto-gram.html>.
============================================
There is very little technical information available about Invicta's
technology. The Web site is useless. I tried contacting the company, and
was told that they are still filing patents and technical details are only
available under NDA. I received a single four-page white paper that was
long on hyperbole and short on details.
...
There are some hints as to what they're doing. Near as I can tell,
Invicta's "Variable Cyber Coordinates system" is a hardware security
product that constantly changes the IP addresses of computers on a
network. The idea is that if hackers want to target your company, they
won't be able to attack the machines because they don't know their addresses.
...
I also wouldn't agree that it's "a completely different direction than
anybody else." In another newsletter, Crispin Cowan wrote: "DARPA (Defense
Advanced Research Projects Agency) explored this idea in a red team
experiment several years ago. The defenders employed the randomized
address technique, without the attacker's knowledge. The technique
significantly slowed the attackers, until they figured out what was going
on, at which point effectiveness diminished. Problem: the effective random
search space (the size of your subnet) is small." I received another
e-mail saying that the Invicta system is similar to something called
NetEraser from SAIC. Note to the U.S. Patent Office: please look at the
prior art before you issue Invicta a patent.
============================================
It also gives a URL for Invicta's web site:
<http://www.invictanetworks.com/>.
>From reading their White Paper, it seems to me that they are trying
to keep the computers on the local lan available on the internet with
something called an "Invicta Secure Gateway" that looks a bit like a
firewall or more likely a border router that is only allowing certain
traffic through.
Eric Johnson
PS. I posted this to the old firewalls address yesterday. This is a
repost to the correct address.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
