Friday, October 19, 2018

Participating in a TCP session... without actually being on the network.

Hey all, I got a weird one for you. We have a case where we need to transmit some data to an airgapped server. This server must remain airgapped and cannot be connected to our production network.

We have a second server that needs to send data to that airgapped server. It uses SFTP, so TCP. The airgapped server does not necessarily need to respond (it is receiving data only), but since it's TCP, if it never responds, TCP won't connect.

If it were a UDP session, I'd just connect the airgapped server to a SPAN port, and be done with it. Maybe a static ARP entry on the transmitting server, or some other trickery.

Since it's TCP, though, my only thought is to have some other server terminate the TCP session and send the traffic via UDP to the airgapped server, potentially with a companion device that receives the UDP traffic and initiates a TCP session with the airgapped server.
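The two-hop design described above, as an added example that is not part of the original post: a hypothetical Python relay that accepts the TCP stream, frames it into sequenced UDP-sized datagrams for a one-way link, and a receiver that reorders them, releases contiguous data and reports which sequence numbers never arrived. The framing (the `ODR1` magic, the header layout, the truncated SHA-256 tag), the function and class names, and the `demo` harness that stands a local socketpair in for the TCP side are all assumptions made for illustration.

```python
import hashlib
import socket
import struct

# Constructed framing for this example; not a real protocol.
MAGIC = b"ODR1"                      # identifies our datagrams on the wire
HEADER = struct.Struct("!4sQII")     # magic, stream id, sequence number, payload length
TAG_LEN = 8                          # truncated SHA-256 over header + payload
MAX_PAYLOAD = 1200                   # stays under a 1500-byte MTU, so IP never fragments


def encode_datagram(stream_id: int, seq: int, payload: bytes) -> bytes:
    """Frame one chunk of the TCP stream as a self-describing datagram."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds MAX_PAYLOAD")
    header = HEADER.pack(MAGIC, stream_id, seq, len(payload))
    tag = hashlib.sha256(header + payload).digest()[:TAG_LEN]
    return header + payload + tag


def decode_datagram(datagram: bytes) -> tuple[int, int, bytes]:
    """Check framing and the integrity tag; raise ValueError on anything odd.

    The tag is unkeyed, so it catches corruption and truncation, not a
    deliberate forgery by someone who can inject onto the link.
    """
    if len(datagram) < HEADER.size + TAG_LEN:
        raise ValueError("datagram too short")
    magic, stream_id, seq, length = HEADER.unpack_from(datagram)
    if magic != MAGIC:
        raise ValueError("bad magic")
    body_end = HEADER.size + length
    if body_end + TAG_LEN != len(datagram):
        raise ValueError("length field does not match datagram size")
    expected_tag = hashlib.sha256(datagram[:body_end]).digest()[:TAG_LEN]
    if datagram[body_end:] != expected_tag:
        raise ValueError("integrity tag mismatch")
    return stream_id, seq, datagram[HEADER.size:body_end]


def relay_tcp_to_udp(conn: socket.socket, send, stream_id: int) -> int:
    """Terminate a TCP stream and emit it one way as sequenced datagrams.

    `conn` is the accepted TCP socket; `send` is any callable that takes a
    finished datagram, e.g. `lambda d: udp_sock.sendto(d, dest)`. An empty
    payload marks end of stream. Returns the number of datagrams emitted.
    """
    seq = 0
    while True:
        chunk = conn.recv(MAX_PAYLOAD)
        send(encode_datagram(stream_id, seq, chunk))
        seq += 1
        if not chunk:            # peer closed: the empty datagram is the end marker
            return seq


class StreamReassembler:
    """Receiver side: reorder datagrams, release in-order bytes, report loss.

    There is no back channel on a one-way link, so a missing sequence
    number can never be requested again; the receiver can only detect it.
    """

    def __init__(self, stream_id: int):
        self.stream_id = stream_id
        self.expected = 0
        self.pending: dict[int, bytes] = {}
        self.finished = False

    def feed(self, datagram: bytes) -> bytes:
        """Return whatever became deliverable in order after this datagram."""
        stream_id, seq, payload = decode_datagram(datagram)
        if stream_id != self.stream_id or seq < self.expected or self.finished:
            return b""           # foreign stream, duplicate, or arrived after the end
        self.pending[seq] = payload
        out = bytearray()
        while self.expected in self.pending:
            chunk = self.pending.pop(self.expected)
            self.expected += 1
            if not chunk:
                self.finished = True
                break
            out += chunk
        return bytes(out)

    def gaps(self) -> list[int]:
        """Sequence numbers not yet seen below the highest one received."""
        if not self.pending:
            return []
        return [s for s in range(self.expected, max(self.pending)) if s not in self.pending]


def demo(data: bytes, stream_id: int = 7) -> tuple[list[bytes], list[int], bytes, bool]:
    """Run the relay over a local socketpair standing in for the TCP client, then
    feed the datagrams to the receiver in reverse order to exercise reordering
    and gap reporting. Returns (datagrams, gaps after the first arrival, stream, finished)."""
    client, server_side = socket.socketpair()
    client.sendall(data)
    client.close()                    # the FIN becomes the end-of-stream datagram
    datagrams: list[bytes] = []
    relay_tcp_to_udp(server_side, datagrams.append, stream_id)
    server_side.close()

    reassembler = StreamReassembler(stream_id)
    reassembler.feed(datagrams[-1])   # end marker lands first: everything else is a gap
    gaps_seen = reassembler.gaps()
    stream = b"".join(reassembler.feed(d) for d in reversed(datagrams[:-1]))
    return datagrams, gaps_seen, stream, reassembler.finished


if __name__ == "__main__":
    dgrams, gaps, stream, done = demo(b"example payload " * 200)
    print(f"{len(dgrams)} datagrams; gaps after first arrival: {gaps}; "
          f"complete={done}; {len(stream)} bytes reassembled")
```

What this makes visible is the price of terminating the session: SFTP's SSH layer gave the transfer encryption, authentication, integrity and flow control end to end, and none of that crosses the one-way hop once the relay has decrypted it. The framing above only restores ordering and corruption detection; on a shared segment an HMAC with a key both sides hold would be needed to detect tampering, and because a lost datagram cannot be re-requested, a production data diode pairs this with redundant sends or forward error correction and throttles the sender to the rate the receiver can drain.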

Figured I'd ask if anyone has any other ideas.


