Let me ask a stupid question. Why is it not the FEDS job to translate
data as they see fit? George, please ask that question when you see the
FBI. This one is very important to me. I am also copying our attorney,
Kris Twomey, on this particular issue. This sounds like a bunch of
crapola if Uncle Sam is expecting us to manipulate / translate the data
in any way beyond the raw form. This sounds like their job to me.
Scriv
Jeff Broadwick wrote:
Hi John,
The two I'm aware of are SS8 and Verint. They are very expensive.
The mediation device takes in the IP traffic from the ISP's router and
translates it into the LAES format that the Feds require, and sends it
along.
Jeff
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of John Scrivner
Sent: Tuesday, February 13, 2007 2:02 PM
To: WISPA General List
Subject: Re: CALEA - HOW? RE: [WISPA] Form 445
What can you tell us about the "mediation box"? Is this something we can
build a few of as WISPA and send to members who need it?
Thanks,
Scriv
Jeff Broadwick wrote:
Actually, the standard for connecting the mediation box to the LEA (known
as
LAES) has been finalized. The standard for connecting from the router to
the mediation box (T1-IAS I believe) will be finalized later this month.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Butch Evans
Sent: Tuesday, February 13, 2007 2:28 AM
To: WISPA General List
Subject: Re: CALEA - HOW? RE: [WISPA] Form 445
On Tue, 13 Feb 2007, Rick Smith wrote:
OK, Don't point me to some confusing URL I don't have time (or
patience) to read about how to comply with CALEA.
The most difficult thing about the CALEA compliance issue is that the
format
of the data has not, yet, been finalized. This makes it impossible
(IMNSHO)
to determine exactly how compliance is gonna look. Here is what IS known:
1. You must be able to send the data (in a yet to be determined
format) via a secure connection to the requesting LEA (law enforcement
agency)
2. The LEA will supply you with a subpoena requesting information on a
specific customer.
3. You must be able to capture (and forward) ALL traffic to and from that
customer. This means even traffic between that customer and another of
your
customers, so a sniffer at the border is NOT enough.
4. The "target" cannot know his data is being logged.
I don't think I missed any of the "major points". I have heard that PCAP
(tcpdump or MT packet sniffer) format is possibly going to be an approved
format, but it CANNOT be a "store and forward". In other words, it MUST be
streamed to the LEA.
I have heard, but I can't confirm (since, I am only an associate
member) that the principle member's list has better insight into what WISPA
is doing on behalf of the membership. (This was gleaned from various posts
on the mailing list here, and is just an
assumption.) Either way, membership is a good idea. ;-)
If I missed anything, perhaps someone here can point it out.
--
Butch Evans
Network Engineering and Security Consulting
573-276-2879
http://www.butchevans.com/
My calendar: http://tinyurl.com/y24ad6
Training Partners: http://tinyurl.com/smfkf Mikrotik Certified Consultant
http://www.mikrotik.com/consultants.html
--
WISPA Wireless List: wireless@wispa.org
Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/
--
WISPA Wireless List: wireless@wispa.org
Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/
