Re: ISP compliance LEAs - tech and logistics [was: snfc21 sniffer docs]

2006-05-24 Thread Michael . Dillon

 The NANOG meeting archives are full of presentations as the result
 of very sophisticated network monitoring.  Like most technology,
 it can be used for good and evil.  You can't tell the motivation
 just from the technology.

OK, so he says in a roundabout way that you are
already paying for some sophisticated network monitoring
and it probably won't cost you much to just give
some data to the authorities.

 Sean, please drop this subject. You have no experience here and it's
 annoying that you keep making authoritative claims like you have some
 operational experience in this area. If you do, please do elaborate
 and correct me. From what I understand from the folks at SBC, you
 did not run harassing call, annoyance call, and LAES services. I would
 appreciate a correction.

Huh!?!?!?
Are you saying that people should buzz off from 
the NANOG list if they change jobs and their latest
position isn't operational enough? Are you saying that
people should not be on the NANOG list unless they
have TELEPHONY operational experience?

What is the world coming to!?

--Michael Dillon



Re: ISP compliance LEAs - tech and logistics [was: snfc21 sniffer docs]

2006-05-24 Thread Peter Dambier


[EMAIL PROTECTED] wrote:

The NANOG meeting archives are full of presentations as the result
of very sophisticated network monitoring.  Like most technology,
it can be used for good and evil.  You can't tell the motivation
just from the technology.



OK, so he says in a roundabout way that you are
already paying for some sophisticated network monitoring
and it probably won't cost you much to just give
some data to the authorities.



Sean, please drop this subject. You have no experience here and it's
annoying that you keep making authoritative claims like you have some
operational experience in this area. If you do, please do elaborate
and correct me. From what I understand from the folks at SBC, you
did not run harassing call, annoyance call, and LAES services. I would
appreciate a correction.



Huh!?!?!?
Are you saying that people should buzz off from
the NANOG list if they change jobs and their latest
position isn't operational enough? Are you saying that
people should not be on the NANOG list unless they
have TELEPHONY operational experience?

What is the world coming to!?

--Michael Dillon



The guy wants to say, please raise your eyes above the horizon of your
plate and view a not yet existing country named Europe. Here our
infrastructure is a lot more advanced and we have standardized a
common eavesdropping API. That makes sense with shifting points of
view from IRA and Basque Separatists to the European Central Bank
everybody can use the standard API and start listening. Of course
nobody except the European Central Bank is allowed listening, but -
who cares?

I am told China too is very advanced. But I am sure North America
will catch up fast.

Or does he mean Operations, the IRA guys who are running the London
Docklands eavesdropping facility, that connects Europe via the glc
fibre?

/ranting ? remember where we started ???

Cheers
Peter and Karin

--
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/



Re: ISP compliance LEAs - tech and logistics [was: snfc21 sniffer docs]

2006-05-24 Thread Martin Hannigan


At 04:58 AM 5/24/2006, [EMAIL PROTECTED] wrote:


 The NANOG meeting archives are full of presentations as the result
 of very sophisticated network monitoring.  Like most technology,
 it can be used for good and evil.  You can't tell the motivation
 just from the technology.

OK, so he says in a roundabout way that you are
already paying for some sophisticated network monitoring
and it probably won't cost you much to just give
some data to the authorities.

 Sean, please drop this subject. You have no experience here and it's
 annoying that you keep making authoritative claims like you have some
 operational experience in this area. If you do, please do elaborate
 and correct me. From what I understand from the folks at SBC, you
 did not run harassing call, annoyance call, and LAES services. I would
 appreciate a correction.

Huh!?!?!?
Are you saying that people should buzz off from
the NANOG list if they change jobs and their latest
position isn't operational enough? Are you saying that
people should not be on the NANOG list unless they
have TELEPHONY operational experience?

What is the world coming to!?



[ rescued from the killfile ]

As far as archives being chock full of information,
Chip Sharp of Cisco made a factual presentation on CALEA years
back. The rest of the discussion has been mostly hyperbole. Emotional
fodder on political agendas instead of technical, operational,
or otherwise. I'd characterize 90% or more of it as junk. If I
want to read about politics, I can open my newspaper with my coffee
- and I do, but that's the extent I need to see it all day long.
We're already bombarded with this stuff elsewhere.

No, someone should not quit NANOG's list because they change jobs.
Changing jobs has nothing to do with it. Being a subject matter
expert is. It's arguable who the SMEs here on the list are related
to CALEA. There aren't more than 2 or 3 and they aren't usually talking
about these types of posts. Not because there's a big secret to be kept.
There isn't. It's all public. It's because the thread will always turn
to politics and disinformation and it's a bad use of everyone's time.

Perhaps a bit too harsh on the prior response, but the quality of
some of the posting here has become arguably low as of late. Maybe
it's because of too much rain? I don't know, but NTP, geo-location,
and CALEA have all been subject to this.

/me back to our regularly scheduled programming

--Michael Dillon

--
Martin Hannigan                 (c) 617-388-2663
Renesys Corporation             (w) 617-395-8574
Member of Technical Staff       Network Operations
                                [EMAIL PROTECTED]



ISP compliance LEAs - tech and logistics [was: snfc21 sniffer docs]

2006-05-23 Thread Gadi Evron

 Wired posted what are supposedly the docs Mark Klein wrote 'bout the
 NSA sniffing project.  Interesting read...
 
 http://blog.wired.com/27BStroke6/att_klein_wired.pdf
 
 John

Indeed. To be honest, I am more interested in NANOG-related operational
issues involved, which I am not sure many here will be able to discuss in
case they had experience on the subject. So let us put privacy and legal
issues aside for the purpose of this discussion.

How does a service provider handle the requirement to meet a law
enforcement agency with their wiretapping needs? The logistics and
technology can be exerting, annoying and business-wise, even prohibiting.

As I just mentioned somewhere else, I should probably point out that if I
was a major ISP often asked to answer the call of law enforcement with
legal wiretaps, this could be very annoying as well as technologically
a killer to my network architecture.
Just sticking some hub somewhere in my network may not cut it, and will
certainly not cover all of the communication. What about different lines
and locations?

As a large provider, ATT probably had to find better solutions to the
call of the law, or rely on the law's technology to not kill their
business.

This indeed happened before. As some of you may remember, according to one
NANOGer at the FBI's Carnivore presentation a few years ago, sticking
just such a hub is what caused his network to break down.

Creating a centralized wiretapping point under strict security may be just
the thing to both comply and save costs, not to mention staying on the
air.

I don't see how that _by_itself_ is wrong of ATT. There are other issues
here as well.

The Internet Infrastructure in a significant way sits in the US. We all
know that. Is it really a surprise to anyone that the NSA, which states it
listens to the Internet, is using a local resource such as that on US
soil? They would be crazy not to.

Their rivals and enemies in other countries certainly won't think
twice.

There is the issue of separating domestic communication from the rest, but
that's just something they have to deal with and US citizens have to be
paranoid about. This whole situation will probably result in better
supervision/monitoring of activities rather than stopping any of them
(i.e. simply more people in-the-know of what the NSA is up to).

That said, I am not a US citizen nor up-to-date on the details of this
ATT/NSA issue or the privacy implications, and I am sure enough of the US
folks here are.

Gadi.



Re: ISP compliance LEAs - tech and logistics [was: snfc21 sniffer docs]

2006-05-23 Thread James J. Lippard

On Tue, May 23, 2006 at 05:39:26AM -0500, Gadi Evron wrote:
 
  Wired posted what are supposedly the docs Mark Klein wrote 'bout the
  NSA sniffing project.  Interesting read...
  
  http://blog.wired.com/27BStroke6/att_klein_wired.pdf
  
  John
 
 Indeed. To be honest, I am more interested in NANOG-related operational
 issues involved, which I am not sure many here will be able to discuss in
 case they had experience on the subject. So let us put privacy and legal
 issues aside for the purpose of this discussion.
 
 How does a service provider handle the requirement to meet a law
 enforcement agency with their wiretapping needs? The logistics and
 technology can be exerting, annoying and business-wise, even prohibiting.

See RFC 3924, Cisco Architecture for Lawful Intercept in IP Networks.
 
-- 
Jim Lippard [EMAIL PROTECTED]
Global Security Organization, Information Security Architecture
Global Crossing
GPG Key ID: 0xED3D63C0


Re: ISP compliance LEAs - tech and logistics [was: snfc21 sniffer docs]

2006-05-23 Thread Steven M. Bellovin

On Tue, 23 May 2006 05:39:26 -0500 (CDT), Gadi Evron [EMAIL PROTECTED]
wrote:

 
  Wired posted what are supposedly the docs Mark Klein wrote 'bout the
  NSA sniffing project.  Interesting read...
  
  http://blog.wired.com/27BStroke6/att_klein_wired.pdf
  
  John
 
 Indeed. To be honest, I am more interested in NANOG-related operational
 issues involved, which I am not sure many here will be able to discuss in
 case they had experience on the subject. So let us put privacy and legal
 issues aside for the purpose of this discussion.
 
 How does a service provider handle the requirement to meet a law
 enforcement agency with their wiretapping needs? The logistics and
 technology can be exerting, annoying and business-wise, even prohibiting.
 
In the US, see 18 USC 2518(4):

Any provider of wire or electronic communication service,
landlord, custodian or other person furnishing such facilities or
technical assistance shall be compensated therefor by the
applicant for reasonable expenses incurred in providing such
facilities or assistance.



--Steven M. Bellovin, http://www.cs.columbia.edu/~smb


Re: ISP compliance LEAs - tech and logistics [was: snfc21 sniffer docs]

2006-05-23 Thread Sean Donelan

On Tue, 23 May 2006, Steven M. Bellovin wrote:
  Indeed. To be honest, I am more interested in NANOG-related operational
  issues involved, which I am not sure many here will be able to discuss in
  case they had experience on the subject. So let us put privacy and legal
  issues aside for the purpose of this discussion.
 
  How does a service provider handle the requirement to meet a law
  enforcement agency with their wiretapping needs? The logistics and
  technology can be exerting, annoying and business-wise, even prohibiting.

 In the US, see 18 USC 2518(4):

   Any provider of wire or electronic communication service,
   landlord, custodian or other person furnishing such facilities or
   technical assistance shall be compensated therefor by the
   applicant for reasonable expenses incurred in providing such
   facilities or assistance.

The NANOG meeting archives are full of presentations as the result
of very sophisticated network monitoring.  Like most technology,
it can be used for good and evil.  You can't tell the motivation
just from the technology.