Re: [PEN-TEST] OT - How secure is an ISDN line?

[Knowledgebase i-Net Security <knowledgebase () lycos com>]

   The connection is just like a Ordinary DEdicated Dial-Up the only Difference is that an ISDN is using a Digital 
Line, Greater Bandwidth from 64k to 128k and w/ different Router (ISDN Router) etc...

    Thats why it is also Vulnerable w/ packet sniffers
coz` the data that being transmitted is just a plain clear text passwords... if ur using windows based OS try 
Winsniff... i've tried it already and it really sniffs passwords.. etc...

          Regards,
          Abraham
        (zer0-Logic)
Internet Information Security REsearch Engr.
    Network Security Solutions Inc.
     Http://www.Nssolution.Net


--===============

On Wed, 18 Oct 2000 21:13:07
 Vitaly McLain wrote:
> Hi,
>
> While I know nothing about ISDN, the general comment is this: it's not the
> connection, it's the protocol traveling over the connection. Anything
> transmitted in clear-text is sniffable. This includes POP3, Telnet sessions
> and many other common protocols. Using SSH (Secure SHell), or tunneling
> through it, makes the connection safe from sniffers.
>
> To find out how safe/unsafe your network is, you have to do some sniffing
> around on your own. Get a sniffer that will pickup whole packets (ngrep,
> ngrep.datasurge.net) and something that could reassemble/replay connections
> (Ethereal, ethereal.zing.org). The most important tool for you, IMHO, is Dug
> Song's dsniff (www.monkey.org/~dugsong/dsniff). This is a sniffer which will
> parse our passwords from sniffed data. It supports /many/ protocols.
> Download it, compile it, run it and see what you pick up.
>
> Vitaly McLain
> twistah () datasurge net


10% cash back on all your calls through 2000 at Lycos Communications at http://comm.lycos.com