Penetration Testing mailing list archives
Re: [PEN-TEST] OT - How secure is an ISDN line?
From: Peter Van Epp <vanepp () SFU CA>
Date: Fri, 20 Oct 2000 11:02:58 -0700
On Thu, Oct 19, 2000 at 03:38:40PM -0400, JLJ wrote:ISDN is as secure as a phone call, no more or less. If you can access the wire anywhere along the route and have equipment you can snoop the line, just like you can a phone call. I don't really think it's sa,"Noo send much of anything in the clear anymore...I have to disagree on this, while you can plug a phone (with a few simple adjustments, comenly called a beige box) into an analogue phone anywhere along the line and using either a linemans handset, or a datatap (available from the many exchange&mart spy shops in the uk). It was always my understanding that it was far more difficult to intercept a digital connection rather than a analogue connection that said, as long as they are using a 56k connection it sould be pretty difficult to intercept anyway, of course you could slow the connection down ( by way of line noise eiugh to force it into an much more intercept friendly mode of none error correcting 4800/9600.
I think you are discussing analog modems while the original poster was discussing ISDN. If you can get the tap on the line I expect ISDN is the easier of the pair to decode (at least with V90 analog modems) since the data is digital and non encrypted (well, the modem isn't encrypted either, but see below). That means if you can recover the clocking and data on the ISDN line (which test sets will do) then you should be able to recover the data. Neither this nor getting the appropriate access is trivial but it is possible for a determined attacker. As stated end to end encryption is the best bet. The 56K modem case is hard because the DSP on either end is listening to the incoming signal by subtracting its outgoing signal from the signal on the line to recover the incoming data. As a man-in-the middle attacker you lack the information about what either modem is currently sending to know what to subtract from the signal on the line to recover the other side. If anyone knows of a test set to do this I'd be interested in a reference because we are having 56K modem problems and would love to be able to tap a monitor modem on to a B channel of a PRI when it isn't one of the participating modems. I suspect such a thing isn't possible due to lack of information, but I'd love to be wrong :-). Peter Van Epp / Operations and Technical Support Simon Fraser University, Burnaby, B.C. Canada
Current thread:
- [PEN-TEST] OT - How secure is an ISDN line? David Fox (Oct 18)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Vitaly McLain (Oct 18)
- [PEN-TEST] Lotus Notes ID Files Ansar Mohammed (Oct 19)
- Re: [PEN-TEST] Lotus Notes ID Files Patrick Mueller (Oct 21)
- [PEN-TEST] Lotus Notes ID Files Ansar Mohammed (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? JLJ (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Cold Fire (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Peter Van Epp (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Cold Fire (Oct 20)
- <Possible follow-ups>
- Re: [PEN-TEST] OT - How secure is an ISDN line? Clem Colman (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Kris Carlier (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Kris Carlier (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Dunker, Noah (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Knowledgebase i-Net Security (Oct 19)
- [PEN-TEST] OT - How secure is an ISDN line? Dave Cowen (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? John Brand (Oct 24)
- Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs Talisker (Oct 25)
- Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs van der Kooij, Hugo (Oct 25)
- Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs Talisker (Oct 25)
(Thread continues...)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Vitaly McLain (Oct 18)