Internet Monitoring, IP-Block ing and Shaping, IT-Intrusion
The methods and used technology for communications worldwide have moved into the IP world. All types of communication are becoming more based on IP technology (e.g. VoIP). Unfortunately no standards for intercepting IP-based networks are yet in place. Most IP networks do not provide active LI-capability yet as known from classical switch based networks (PSTN, GSM). Currently there are two ways of intercepting IP traffic:
- Interception of IP traffic within the IP network of the internet service provider - purely passive
- Trying to get access to the target PC directly with IT-Intrusion tools
In case of passive IP interception
within the IP network, the task of
filtering IP based traffic is within
the interception system (Monitoring
Center). The interception system
receives all "raw" IP traffic
which needs to get filtered, stored,
decoded and viewed. The problem
here is that no encrypted IP-traffic
can be restored or decrypted (e.g.
VPN traffic, https, Skype, PGP, etc.)
and this is an essential amount of
the overall IP traffic within an IP
network. This problem can be
solved if the intercepted IP data can
be grabbed directly from the target
PC because encryption takes place
"behind" the target PC. This can be
achieved using IT-Intrusion Software.
Of course, such an approach
is only target-based, i.e. the target must be known, and if a Trojan is
embedded on the PC all IP traffic
can be intercepted (also Skype,
VPN, etc.). A variety of techniques
are available to deliver a Trojan to
the target either IS P-based or with
tools if physical access to the target
PC is possible.
A powerful countrywide IP interception
solution is based on the
realization of both concepts,
preferably combining them into one
system: Passive IP interception and
IT Intrusion Software.
