Physical Security Book Published

Physical security is video surveillance, entryway access, and sensors. In other words, it’s a network of things to protect and secure physical areas. Traditionally this network was analog and serial, but today it’s converging through the use of the Internet Protocol (IP). IP allows you to build a physical security network using one network and probably the very same network that you already have in place. Transitioning over to IP also gives rise to a lot more features and software based analytics. Physical security is just as important as network security.

Tim Dodge and I wrote a book last year about transitioning from analog to IP-based security systems called, “Introduction to IP-based Physical Security”, published by TESSCO Publishing. The book is meant to be a jump start for those heading over to IP-based physical security and video surveillance.

Today I had the thrill of opening up a box with a few publication samples. I know we are in a digital age, but I have to admit that it was cool holding a book with an ISBN and a barcode on it…

IP-based Physical Security

I look forward to running into this book in a used bookstore and/or being the reason for a book burning.

Passive Packet Capturing

User A to User B packet data traffic can be monitored through a HUB by User C using a “receive‑only” Ethernet cable.

On the HUB end of the cable, there is a loop between TX and RX to activate the HUB port. Any traffic through the HUB will now include this port in the broadcasts.

User C taps onto the loop by its receive pins.

Once the connections are made to the HUB, User C will receive all packets that flow through the HUB, but User C will not transmit any packets towards the HUB (no DHCP requests and no ARP requests).

The NIC on User C is in promiscuous mode capturing all incoming packets only.

Using a receive-only Ethernet cable in this configuration allows for the ability to passively capture packets, while not actively being a part of the network.

Network administrators can actively test for devices in promiscuous mode, monitor for DHCP and ARP requests, and review MAC tables to determine the presence of a packet analysis tool.