[AusNOG] Data Retention Solution Security Measures

Jake Anderson yahoo at vapourforge.com
Mon Mar 6 11:49:11 EST 2017 

Take a look at a "data diode" that's pretty much exactly what you are 
trying to achieve there.

If your data rate were low enough (and for many I presume it would be) 
you could dump the data over serial and physically break the return line.



On 06/03/17 00:52, Paul Wilkins wrote:
> Eric,
> I see lots of options for securing the DR data, and defense in depth 
> is obviously all to the good. What I don't see is an option for 
> disabling reads on 1) the file systems, 2) the media. There is no 
> operational or otherwise justification for this data to be online - 
> ever - until you get a warrant. It should be possible eg. in Selinux 
> to disable read ioctls so your data is encrypt, dump, and forget.
>
> Kind regards
>
> Paul Wilkins
>
> On 5 March 2017 at 14:56, Mister Pink <misterpink at gmail.com 
> <mailto:misterpink at gmail.com>> wrote:
>
>     Hi All,
>     As part of un upcoming talk at AusCert in May entitled 'Look Who's
>     Talking', I am conducting some research into the technical
>     application of the data retention legislation across the Industry
>     in Australia.
>
>     Much has been said about the security issues surrounding the
>     retention of this data, most notably that it is a potential
>      'Honey Pot' for hackers, so I am interested to understand the
>     level of security controls that carriers have or are planning on
>     deploying to protect the resulting data.
>
>     If you have 10 minutes, I would really appreciate it if you could
>     fill in, or alternatively forward this survey to the person within
>     your organisation responsible for your DR Solution, and in return
>     I will share my analysis with the respondents.
>
>     https://goo.gl/forms/FKmptlZ4g4ra4jOC2
>     <https://goo.gl/forms/FKmptlZ4g4ra4jOC2>
>
>     All responses will be in confidence.
>
>     Many thanks in advance
>
>
>     Eric Pinkerton
>
>
>
>     _______________________________________________
>     AusNOG mailing list
>     AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>     http://lists.ausnog.net/mailman/listinfo/ausnog
>     <http://lists.ausnog.net/mailman/listinfo/ausnog>
>
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170306/f9b175cb/attachment.html>

More information about the AusNOG mailing list