[FADCA] Security guidelines

Royce, Philip proyce at alachuasheriff.org
Wed Mar 3 15:51:48 EST 2010 

This whole subject matter seems to be a rant instead of a focus.

To answer your first question: All policies are governed by FISMA and
NIST, if you don't already know these then you might want to review them
yourself, and to consider a low population, low usage Private LAN has to
be governed in a manner such as the Federal Comsat is absurd, please
re-evaluate the manner in which you want to approach this.

To address your second email: From your description of your AMPR network
maybe you should consider turning yours down since there seems to be
that much intrusion. I would assume that Brian Kantor and the University
of Cal do not know that the network is being effected in this way or
being represented as such, but thank you for the enlightenment, must be
all those MIT and Purdue students getting their thesis done.


There is no issue unless you are making one about this, so this
discussion is done I don't consider this a positive approach to ham
radio so consider this station QRT unless there is a positive flow on
this sig.  Please read my email about this matter in your personal mail.

Sincerely,

73

Phil Royce KE4PWE
Serving Disaster Services since 1983
Region 3 SERT COML /Custodian EDICS3
ARRL NFL TS, OES, LTM 
 
 
 

-----Original Message-----
From: fadca-bounces at mailman.qth.net
[mailto:fadca-bounces at mailman.qth.net] On Behalf Of Jerald A DeLong
Sent: Wednesday, March 03, 2010 12:39 PM
To: Florida Amateur Digital Communication Association
Subject: Re: [FADCA] Security guidelines

Phil/all,

When evaluating security concern for our HAM Radio Networks one most
really step back and look at the entire picture.

Here is a example:

We as HAM love to make all our software communicate so FPAC talks to
Winklink, Winklink talks to everything and etc.

This is not a bash on Winlink and/or FPAC!

This is what we do, we are HAMS we love to make things communicate and
we are very good at it too.

This is also one of our biggest down falls when it comes to Network
Security.

When we have all these different application that communicate with each
other, all linked over the world.Each application brings it's own set of
security concerns to our network.

So you had your "internal network security specialist" review your setup
and software. What about my setup and the many other nodes we
communicate within our own network.They all communicate with each other,
right?

Your nodes maybe secure but your neighbors node is probably not setup
with the same "Security guidelines" in mind but it is still part of our
HAM Radio network in which we all communicate.  

I know of many dos/nos and linux/nos type setups that still have
anonymous telnet login that can currently access our packet network.Most
of these type node operators only concern is not allowing access to
radio ports and they are not concerned with anything that happens over
the Internet links.

It's a good thing your nodes are being monitored which is also what I do
a lot of here. I see constant attacks from the Internet 24/7 never stop.

One of many radio setup on my node routes 4 down stream AMPR Net
Gateways to the 44-net. Because these 4 server were under constant
attack from the Internet I had to just block access to the outside world
and only allow them to communicate within the 44-network.

So what about other nodes in our network. 

Anyone care to comment.



Jerry DeLong






______________________________________________________________
FADCA mailing list
Home: http://mailman.qth.net/mailman/listinfo/fadca
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:FADCA at mailman.qth.net

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html

More information about the FADCA mailing list