IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 5.26 Analysis of the message flow
By a traffic flow analysis, a perpetrator tries to find out who, at what time and
how often, has sent what data volumes to whom. Even if an eavesdropper
cannot read the contents of the message, it is possible to draw conclusions
about the behaviour of users. The information regarding the date and time a
message is created can be analysed to a personality profile of the sender.
Address collectors from address companies also search for e-mail and postal
addresses to which unsolicited advertising can be sent.
Within ISDN (Integrated Services Digital Network), the D-channel of a
connection, used for signalling between terminal devices and the exchange, is
particularly vulnerable to intrusions. An analysis of the signalling by a
protocol sniffer not only allows the drawing of conclusions about the
behaviour of a user (e.g. who phones when, to whom, and for how long?), but
also can be used to prepare more complex attacks via the D-channel.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000