AKLUG Archive: [aklug] Re: sequesteredsolutions?

From: Shane Spencer <shane@bogomip.com>
Date: Wed Mar 03 2010 - 20:54:07 AKST

Alright. So I implemted a 100% one way only ciphered and forward
error corrected UDP stream.

The point is to pass data from a low security area to a high security
area while avoiding protocol flaws. IP Datagrams that only travel one
way seems like a good start.

Lowsecure System =3D 10.42.3.159
Highsecure =3D 10.42.3.102

----
lowsecure# pv -L 1M -W
Downloads/Men.of.a.Certain.Age.S01E06.HDTV.XviD-SYS.avi | gpg -e -r
oneway@doom - | vdm_encode | socat - UDP:10.42.3.102:4242,shut-null
 351MB 0:05:52 [0.997MB/s [=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D>] 100%
highsecure# socat UDP-LISTEN:4242 - | vdm_decode | gpg -d -r
oneway@doom - > /tmp/crap
gpg: encrypted with 2048-bit ELG-E key, ID 0EDEC093, created 2010-03-04
      "One Way Xfer Of Doom (Doom) <oneway@doom>"
----
The packet dump looked like this (note.. the ARP
tcpdump -i eth0 -vvvvvvvvvvvvvnl src host 10.42.3.102
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 by=
tes
20:47:31.844321 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102
is-at 00:0f:1f:83:41:12, length 46
20:47:57.836327 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102
is-at 00:0f:1f:83:41:12, length 46
20:48:31.195306 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102
is-at 00:0f:1f:83:41:12, length 46
20:49:04.548367 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102
is-at 00:0f:1f:83:41:12, length 46
20:49:37.956354 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.42.3.102
is-at 00:0f:1f:83:41:12, length 46
On Wed, Mar 3, 2010 at 6:57 PM, Shane Spencer <shane@bogomip.com> wrote:
> I've heard of them.. infact this specific product can be reduced to a
> few programs and a very minimal amount of scripting for a basic
> interface. =A0Give me a second and I'll post the solution to the list.
>
> On Tue, Mar 2, 2010 at 2:45 PM, Lee <lee@afabco.org> wrote:
>> Anyone heard of or know anything about an outfit called sequesteredsolut=
ions.com here
>> in alaska? =A0Or better yet, use or have used their Trapline product? =
=A0I'm doing some
>> informal due diligence on this. =A0Please reply offlist to lee(at)afabco=
<dot>org.
>>
>> thanks!
>>
>>
>> ---------
>> To unsubscribe, send email to <aklug-request@aklug.org>
>> with 'unsubscribe' in the message body.
>>
>>
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

Received on Wed Mar 3 20:54:17 2010

This archive was generated by hypermail 2.1.8 : Wed Mar 03 2010 - 20:54:17 AKST