Noncompliant Equipment - GIAC

More documents

Recommendations

Info

experienced a serious failure requiring the replacement of approximately 120 units in a deployment over a large geographic area. **** is for use on private LAN/WAN (dedicated, i.e., an intranet) type networks. **** communication should not be used to communicate through any type of firewall or gateway over a public network (i.e., the Internet). All **** communication must take place inside the LAN/WAN using the customer’s private network. Other notes in the documentation are cause for even more concern by any sys admin. **** 10BaseT TCP/IP Ethernet communication module The maximum wire distance between the **** module and the first hub or router on the network must not exceed 100 feet. This is a standard distance for Ethernet communicating devices. It is important to discuss this with the network administrator for the installation site. Secure TCP/IP Environment The TCP/IP communication from the **** module to the central station is a secure polling environment. If the unit is replaced/substituted, tampered or damaged, the central station will either receive a signal from the panel over the backup phone line and/or have an indication that the account is not present on the network. If a network user tries to block or mimic (hack) the signals from the **** module, the **** will report the tampering to the automation software. Another security feature of the **** communication is that the unit will not be seen on the network once it has established a connection to the central station. This will prevent network users from seeing the network devices using tools like Network Neighborhood. The hardware specification is spectacularly unhelpful with providing insight into the IP stack. Input Voltage: 12VDC Current: 150mA (200mA with PGM) Size: 3.25” x 5.25” (8.3 cm x 13.3 cm)
Operating Temperature: 32° to 150°F (0° to 65° C) Output Protocols: TCP/IP Input Protocols **** (SIA format) Connectors: 4-pin header for the ***** &RJ-45 for Ethernet Inputs & Outputs: 1 programmable output & 1 tamper input Network: Ethernet LAN/WAN 10BaseT or 10/100BaseT Call Direction Options: Primary or backup communicator **** Information Guide 11 Rev. 003 Downloading Support: Using ***** and or System Administrator software Programming: Panel keypad Multiple Central Stations: Primary and backup Approval Listings: FCC/IC and CE (UL and ULC pending) Substitution Detection: Monitoring of MAC address At this point, it’s obvious that the introduction of this device to the network needs to be prohibited by the IT group from the outset. The developer’s understanding of the IP stack is questionable at best, and it is certain that the deficiency in skill level will be passed down through the vendor channel and come to rest as a problem for the IT group, not the least of which will be security issues. There is no description of the IP stack of the device, (that is, list of protocols), and no visibility into the device if deployment requires administrative involvement by the IT group. The IP stack of the device is so under-developed that there is absolutely no way to predict how it will perform in a production environment. The apparent purpose of the device is to transmit security alarm signals over the network to eliminate a telephone line. This trivial expense advantage is certain to be eliminated in ongoing support costs. Using what tools would be available to a typical networker, we examine traffic from the device that we can see in the most basic implementation, which is a cross-over cable connected to a PC. When we sniff the traffic, we see ARP requests coming from the device, which at least allows us to discover the MAC address. Ethernet II (Packet Length: 64) Destination: Source: ff-ff-ff-ff-ff-ff 00-03-4f-00-15-20 Type: ARP (0x0806)
Page 1: Noncompliant Equipment Terry Martin
Page 5 and 6: The only specification to be found
Page 7 and 8: Extended -40° to 85°C (-40° to 1

Noncompliant Equipment - GIAC

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?