h a l f b a k e r yNot so much a thought experiment as a single neuron misfire.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
The idea if a company to have a network that is completely disconnected from any outside network. Wait, read the rest before you start bad mouthing the idea. So, there would be a mail server in the internal network that would distribute and receive mails internally. Meanwhile there is an external server
that receives all mails from the exterior. These two servers are usually disconnected from each other. At every minute or whatever period found appropriate, the external server would be physically disconnected from the external network and then it would be phisically connected to the internal server. Both server would swap mails during whatever time was necessary. During this time none of the computers would be connected to the external network. After swapping all mails, the servers would be physically disconnected again and the external server would be reconnected to the internet. This way it would be impossible for a hacker to perform a direct and live attack to the company's network. The biggest danger would be trojan virus and such.
To connect and disconnect the servers, an electronic switch could be designed that would work under a timer to decide when to connect and disconnect each of the servers. The electronics of the switch wouldn't be in contact with the network itself, so that it couldn't be tampered with via internet.
Off course this does not invalidate "Mission Impossible"-like attacks, but nothing really does, right?
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
Annotation:
|
|
Does it only work on mail, or would other packets be similarly quarantined? So much simpler than a firewall. No wait, no it's not. |
|
|
Having one or more internal networks entirely unconnected to the outside world is a widely practised safety measure. I completely fail to see the advantage of periodically connecting them for email access. |
|
|
Why hardware when its easily done with software? |
|
|
very much doable with NAT |
|
|
See also "Ultimate Corporate Firewall" here in this category. |
|
|
<DrCurry>I completely fail to see the advantage of periodically connecting them for email access.</DrCurry> |
|
|
[DeathNinja] That's a trick question, right? |
|
|
[Shz] Because hardware is safer? The idea was to eliminate completely any physical link to the external network. |
|
| |