Physical security has been around since the first caveman guarded his mammoth skins and clubbed his neighbor over the head for trying to steal them. Because of its long history, physical security is a very mature field. However, as many InfoSec professionals start out as technicians, this aspect of security is often overlooked. In most circumstances, security is completely compromised once physical access is achieved. With physical access, attackers can disable, reconfigure, replace, and/or steal systems. Security is only as strong as the weakest link, and no amount of firewall protection, intrusion detection, or network security does any good if an attacker can simply walk off with the. | Page 133 Friday February 15 2002 2 51 PM APPENDIX B Physical Security Physical security has been around since the first caveman guarded his mammoth skins and clubbed his neighbor over the head for trying to steal them. Because of its long history physical security is a very mature field. However as many InfoSec professionals start out as technicians this aspect of security is often overlooked. In most circumstances security is completely compromised once physical access is achieved. With physical access attackers can disable reconfigure replace and or steal systems. Security is only as strong as the weakest link and no amount of firewall protection intrusion detection or network security does any good if an attacker can simply walk off with the system. This appendix discusses how to physically protect routers from attackers Murphy s Law and Mother Nature. Protection Against People The first denial-of-service attack against a network probably consisted of cola being poured into a router. Using a baseball bat would be equally effective. Without physical security a janitor tripping over a power cord can bring down an entire network. Physical security not only protects against maliciousness but also stupidity. Physical access is used not just for destruction. With physical access attackers can take control of your systems. With physical access it takes only a few minutes for an attacker to perform a password recovery on a Cisco router. Sophisticated attackers wouldn t even bother with password recovery. To avoid minutes of downtime and possible detection they would replace the router with one that had been preconfigured to function normally but to also let them record traffic and access trusted networks. Location The first aspect to discuss when talking about physical security is location. Where are the routers physically located Do they sit in a secured room in a closet down the hall or somewhere up in the suspended ceiling Because of their importance .
