Penetration Testing mailing list archives

Re: [PEN-TEST] OT - How secure is an ISDN line?

From: Peter Van Epp <vanepp () SFU CA>
Date: Fri, 20 Oct 2000 11:02:58 -0700


On Thu, Oct 19, 2000 at 03:38:40PM -0400, JLJ wrote:

ISDN is as secure as a phone call, no more or less.  If you can access the
wire anywhere along the route and have equipment you can snoop the line,
just like you can a phone call.  I don't really think it's sa,"Noo send much
of anything in the clear anymore...


I have to disagree on this, while you can plug a phone (with a few
simple adjustments, comenly called a beige box) into an analogue
phone anywhere along the line and using either a linemans handset,
or a datatap (available from the many exchange&mart spy shops in the
uk). It was always my understanding that it was far more difficult
to intercept a digital connection rather than a analogue connection
that said, as long as they are using a 56k connection it sould be
pretty difficult to intercept anyway, of course you could slow the
connection down ( by way of line noise eiugh to force it into an
much more intercept friendly mode of none error correcting 4800/9600.


        I think you are discussing analog modems while the original poster was
discussing ISDN. If you can get the tap on the line I expect ISDN is the
easier of the pair to decode (at least with V90 analog modems) since the data
is digital and non encrypted (well, the modem isn't encrypted either, but see
below). That means if you can recover the clocking and data on the ISDN line
(which test sets will do) then you should be able to recover the data. Neither
this nor getting the appropriate access is trivial but it is possible for
a determined attacker. As stated end to end encryption is the best bet.
        The 56K modem case is hard because the DSP on either end is listening
to the incoming signal by subtracting its outgoing signal from the signal on
the line to recover the incoming data. As a man-in-the middle attacker you
lack the information about what either modem is currently sending to know
what to subtract from the signal on the line to recover the other side. If
anyone knows of a test set to do this I'd be interested in a reference because
we are having 56K modem problems and would love to be able to tap a monitor
modem on to a B channel of a PRI when it isn't one of the participating modems.
I suspect such a thing isn't possible due to lack of information, but I'd
love to be wrong :-).

Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada

Current thread:

[PEN-TEST] OT - How secure is an ISDN line? David Fox (Oct 18)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Vitaly McLain (Oct 18)
  - [PEN-TEST] Lotus Notes ID Files Ansar Mohammed (Oct 19)
    - Re: [PEN-TEST] Lotus Notes ID Files Patrick Mueller (Oct 21)
- Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? JLJ (Oct 19)
  - Re: [PEN-TEST] OT - How secure is an ISDN line? Cold Fire (Oct 20)
    - Re: [PEN-TEST] OT - How secure is an ISDN line? Peter Van Epp (Oct 20)
    - Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 20)
- <Possible follow-ups>
- Re: [PEN-TEST] OT - How secure is an ISDN line? Clem Colman (Oct 19)
  - Re: [PEN-TEST] OT - How secure is an ISDN line? Kris Carlier (Oct 19)
    - Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Dunker, Noah (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Knowledgebase i-Net Security (Oct 19)
- [PEN-TEST] OT - How secure is an ISDN line? Dave Cowen (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? John Brand (Oct 24)
  - Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs Talisker (Oct 25)
    - Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs van der Kooij, Hugo (Oct 25)

(Thread continues...)