This short article is about a system I dreamed up while in custody.
Individuals who will remain nameless threatened me, saying that they had been using custom
0day exploits (actually back doors from the manufacturers) to infiltrate my networks and make the use of tcpdump worthless.
This is what I came up with.
From my understanding, they have back doors (or exploits, however you want to say it) in the networking equipment I owned.
From my understanding they are in the chip which modulates and demodulates signals on the network.
I do not have the skill or resources to disassemble the chip(s), so here is what I decided I want to do.
The idea is to create a logging system which connects directly to the wired network, without any modulator/demodulator chip.
Instead, this system will use another chip whose sole purpose is taking line measurements and dumping them to a database.
In short, it will dump the raw signal information from the wired network in question and place it into a database, from which it can be (safely) reassembled.
There will also be a client workstation which connects to the database and has software (or a custom IC) which reassembles the signal in a sanitized environment.
From here you will be able to view all packets going along the network, even if they exploit the equipment the network trusts.
I have yet to build this, but I figured I would publish the proposal before it (somehow) shows up somewhere else.
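
A software sketch of the reassembly step described above, added here as an example and not part of the original proposal. It assumes the line carries 10BASE-T-style Manchester coding with an IEEE 802.3 preamble, sampled 8 times per bit; the function names and the sample capture are constructed for illustration.

```python
import random

SPB = 8  # samples per bit period (assumed oversampling of the measurement chip)
MARKER = bytes([0x55] * 7 + [0xD5])  # IEEE 802.3 preamble + start-of-frame delimiter

def to_bits(data):
    """Bytes -> bits, least significant bit first (Ethernet wire order)."""
    return [(byte >> i) & 1 for byte in data for i in range(8)]

def synth_capture(payload, lead_in=5, noise=0.2, seed=1):
    """Constructed stand-in for the database rows: noisy Manchester voltage samples."""
    rng = random.Random(seed)
    samples = [rng.uniform(-noise, noise) for _ in range(lead_in)]  # idle line
    for bit in to_bits(MARKER + payload):
        first, second = (-1.0, 1.0) if bit else (1.0, -1.0)  # 1 = low-to-high mid-bit
        for level in [first] * (SPB // 2) + [second] * (SPB // 2):
            samples.append(level + rng.uniform(-noise, noise))
    return samples

def slice_bits(samples, offset):
    """Decode one bit per period from the two half-period sums; also return the margin."""
    bits, margin, half = [], 0.0, SPB // 2
    for start in range(offset, len(samples) - SPB + 1, SPB):
        a = sum(samples[start:start + half])
        b = sum(samples[start + half:start + SPB])
        bits.append(1 if b > a else 0)
        margin += abs(b - a)
    return bits, margin

def reassemble(samples):
    """Recover the bytes that follow the SFD, or None if no frame start is present."""
    # Clock recovery: the bit alignment is unknown, so keep the offset whose
    # half-period decisions are the most clear-cut.
    bits, _ = max((slice_bits(samples, o) for o in range(SPB)), key=lambda r: r[1])
    marker = to_bits(MARKER)
    for i in range(len(bits) - len(marker) + 1):
        if bits[i:i + len(marker)] == marker:
            body = bits[i + len(marker):]
            body = body[:len(body) - len(body) % 8]  # drop a trailing partial byte
            return bytes(sum(bit << k for k, bit in enumerate(body[j:j + 8]))
                         for j in range(0, len(body), 8))
    return None

if __name__ == "__main__":
    print(reassemble(synth_capture(b"constructed payload")))
```

Because the decoder only reads stored numbers, nothing on the analysis workstation has to be electrically attached to the monitored network.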