On Fri, 2 Aug 2002, Tom Buskey wrote: > There's always the DOD approach: put the network cables in conduit that > has a vibration alarm on it. Use 10base2, token ring, or FDDI; > something that detects a break and stops passing traffic if a splice is > made.
1) Unless I'm mistaken (something I'll readily concede if it's the case -- my time with Token Ring Hell^H^H^H^H^H^H^H^H^H United Parcel Service was many moons ago), you could just splice the TR cable, plug it into a MAU, and go from there. You wouldn't even drop packets if your ring was an actual ring, though you might notice a couple beacons. 2) All of this is well and good, but IMHO, encrypting the workplace would -not- solve even a portion of the big problem. People who have access would still have access, and could just as easily e-mail files to the outside. Combine that with "social engineering", and the damn keyboard capture devices I've seen that plug right into the PS/2 port (Hell: PC Magazine even wrote two up last issue), and it's *DAMN* hard to prevent someone who's determined from getting to stuff, and a whole lot easier than it would be to sniff an unencrypted packet-switched network. Don't mis-understand my point: encryption -is- good. But hiring trustworthy employees, expiring passwords, and enforcing good file-permission security (so people don't have access to things they don't need access to) are probably more relevant. That, and throwing away Outlook. ;-) $.02, -Ken ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************
