Alright. So I implemted a 100% one way only ciphered and forward
error corrected UDP stream.
The point is to pass data from a low security area to a high security
area while avoiding protocol flaws. IP Datagrams that only travel one
way seems like a good start.
Lowsecure System =3D 10.42.3.159
Highsecure =3D 10.42.3.102
---- lowsecure# pv -L 1M -W Downloads/Men.of.a.Certain.Age.S01E06.HDTV.XviD-SYS.avi | gpg -e -r oneway@doom - | vdm_encode | socat - UDP:10.42.3.102:4242,shut-null 351MB 0:05:52 [0.997MB/s [=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D>] 100% highsecure# socat UDP-LISTEN:4242 - | vdm_decode | gpg -d -r oneway@doom - > /tmp/crap gpg: encrypted with 2048-bit ELG-E key, ID 0EDEC093, created 2010-03-04 "One Way Xfer Of Doom (Doom) <oneway@doom>" ---- The packet dump looked like this (note.. the ARP tcpdump -i eth0 -vvvvvvvvvvvvvnl src host 10.42.3.102 tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 by= tes 20:47:31.844321 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102 is-at 00:0f:1f:83:41:12, length 46 20:47:57.836327 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102 is-at 00:0f:1f:83:41:12, length 46 20:48:31.195306 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102 is-at 00:0f:1f:83:41:12, length 46 20:49:04.548367 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102 is-at 00:0f:1f:83:41:12, length 46 20:49:37.956354 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102 is-at 00:0f:1f:83:41:12, length 46 On Wed, Mar 3, 2010 at 6:57 PM, Shane Spencer <shane@bogomip.com> wrote: > I've heard of them.. infact this specific product can be reduced to a > few programs and a very minimal amount of scripting for a basic > interface. =A0Give me a second and I'll post the solution to the list. > > On Tue, Mar 2, 2010 at 2:45 PM, Lee <lee@afabco.org> wrote: >> Anyone heard of or know anything about an outfit called sequesteredsolut= ions.com here >> in alaska? =A0Or better yet, use or have used their Trapline product? = =A0I'm doing some >> informal due diligence on this. =A0Please reply offlist to lee(at)afabco= <dot>org. >> >> thanks! >> >> >> --------- >> To unsubscribe, send email to <aklug-request@aklug.org> >> with 'unsubscribe' in the message body. >> >> > --------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.Received on Wed Mar 3 20:54:17 2010
This archive was generated by hypermail 2.1.8 : Wed Mar 03 2010 - 20:54:17 AKST