Re: Defeating Firewalls: Sneaking Into Office Computers From Home
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Defeating Firewalls: Sneaking Into Office Computers From Home

From: Floyd L. Davidson <floyd@apaflo.com>
Date: Sun Aug 14 2005 - 18:18:02 CEST



roberson@ibd.nrc-cnrc.gc.ca (Walter Roberson) wrote:


>People around here don't buy T1's for -speed-. Reasons why they


>do buy T1 include:



This is an interesting list, and technically is correct in most


aspects (the comment about "synchronous ... for multimedia"


isn't right).



However, there are some *very* serious "gotcha's" in this too.


Most services provided over what might be called a "T1", may or


may not be technically what is being reference as a T1!



For example, a T1 that is provision through a provider's Frame


Relay cloud, might not provide the stated benefits.  That isn't


technically just a T1, but is almost always called a T1 today.



>- T1 provides symmetric bandwidth (SDSL is not very common here)



Significant, and correct for anything likely to be called a T1.



>- T1 is point to point and thus does not have the security issues


>that one has when one is connected to the Internet



That is probably not quite true, though the issues are less


serious than with DSL or Cable provisioned services.  A Frame


Relay Cloud still has the same potential insider security


issues...



>- T1 are available -most- places that phone land-lines reach --


>the required infrastructure having existed for long enough for


>very good saturation.



True.



>- T1 do not degrade with congestion from other users on your block


>(a significant problem with cable!)



Unless of course it is part of a Frame Relay Cloud.  (I once saw


a carrier install a Frame Relay Point-of-Presence, and then sell


6 different customers guaranteed bandwidth circuits equal to the


backbone! ;-)



>- T1 have fixed latency and bandwidth, not variable as cable has



Probably true, but it can vary significantly if any part of the


T1 is on Frame Relay or Cell Relay (ATM) backbone services.



>- T1 is synchronous and thus suitable for multimedia applications


>that degrade when frames are received out of order



Being synchronous or not doesn't affect the order that frames


are received in.  Regardless, virtually all T1's ride T3's, and


thus become isochronous and suffer from higher clock jitter than


a genuine point to point T1 over a wire facility would have.



>- T1 has no bandwidth caps, content filters, forced http proxying,



Two out of three.  It certainly has a bandwidth cap.  Moreover


it it is provision on Frame Relay or Cell Relay there will be


just as many wierd bandwidth specs as one can imagine (burst,


guaranteed, etc.), and might well be affected by how much other


customers are using.



-- 
Floyd L. Davidson            <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@apaflo.com


Received on Thu Sep 29 20:02:06 2005