Well, what's a "peering point"? Most traffic does not traverse public peering points, domestically. So, in order to look at enough traffic to make it worthwhile, the .gov would have to optically tap all the private peering x-connects between major carriers. That is a major endevour, and would surely be eventually discovered (probably sooner, rather than later). And, of course, the equipment needed to actually look at that data, at line rate, would be difficult to conceal. There are also numerous rules against doing this sort of thing domestically. Sniffing peering traffic internationally would actually be much easier, for both legal and technical reasons. Linx is the largest public exchange in the world, by traffic, for example. However, I doubt that equipment to sniff 17gb/sec of data actually exists at the moment. It's much easier to get this sort of data, closer to the endpoints - the subject's mail server, keyboard, monitor, a dialup RAS, or a span port off of the provider's ethernet switch. The closer you get to the hypothetical "center" of the internet, the more data there is to sort through, complicating the task. On the other hand, tapping undersea optical fibers is appearently no problem, currently, and will get easier when the USS Jimmy Carter (SSN23), a specially modified Seawolf sub, comes on line in a bit. It is alleged to have a removable module that is specifically designed for tapping undersea fiber optic cables without any interuption of current or light level. - Daniel Golding
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Scott Granados Sent: Wednesday, August 14, 2002 11:36 PM To: David Lesher Cc: nanog list Subject: Re: $400 million network upgrade for the Pentagon
Ok, let's make this operation l for one second. This is something I've always wondered and I have an idea but...
What is the real possibility that there is some sort of structured monitoring system in place say on the backbone level. Bad fbi meat eating programs asside I mean really something useful. Can the nsa for example listen in somehow to eering points or other such common areas and observe things that interest them? I know the answer in the voice network is yes but that's technically easier. On the ip network that would seem to be m uch more difficult.
On Wed, 14 Aug 2002, David Lesher wrote:
Unnamed Administration sources reported that Brad Knowles said:
I'm sure that they have all sorts of methods. On the other hand, cellphones make devilishly difficult "bugs" to eliminate,
Not at all.
The entry guard says "No Cell Phones".. and [s]he has the gun. You can whine and pout but [s]he still has the gun.
THAT is how you solve that issue. No shield rooms needed.
I had some bozo try to bring his pagers into my [1] SCIF once. "But Man, I NEED my pagers.." {"I am SO important, in my eyes at least, that you can not strip me of my status symbols.."}
I offered that he could keep the pager-pieces after I smashed them.... and he decided he did not NEED them after all. They stayed in the unclass area on someone's desk, someone who could call me if they went off. They did not.
[1] I was the SCIF Security Officer; what a thankless role..