Penetration Testing mailing list archives

Re: [PEN-TEST] OT - How secure is an ISDN line?

From: "van der Kooij, Hugo" <Hugo.van.der.Kooij () CAIW NL>
Date: Fri, 20 Oct 2000 20:25:10 +0200

On Fri, 20 Oct 2000, Cold Fire wrote:

On Thu, Oct 19, 2000 at 03:38:40PM -0400, JLJ wrote:

ISDN is as secure as a phone call, no more or less.  If you can access the
wire anywhere along the route and have equipment you can snoop the line,
just like you can a phone call.  I don't really think it's sa,"Noo send much
of anything in the clear anymore...


I have to disagree on this, while you can plug a phone (with a few
simple adjustments, comenly called a beige box) into an analogue
phone anywhere along the line and using either a linemans handset,
or a datatap (available from the many exchange&mart spy shops in the
uk). It was always my understanding that it was far more difficult
to intercept a digital connection rather than a analogue connection
that said, as long as they are using a 56k connection it sould be
pretty difficult to intercept anyway, of course you could slow the
connection down ( by way of line noise eiugh to force it into an
much more intercept friendly mode of none error correcting 4800/9600.


ISDN is fundamentaly different from analog lines. There is no such thing
as 'slowing ISDN down'. However it isn't to difficult to create a wiretap.
The electronics are quite basic. Decoding ISDN owuld require some more
effort but if you don't have a generic sniffer you should be able to build
a listening only ISDN device.

As a matter of fact there are ISDN taps on the market. The purpose is to
analyze problems. However setting up a network tap for interception
purposes using one shouldn't be hard.

In most cases there are easier ways to access information but if you want
to and have a budget like the NSA you can tap literally everything (and
they tap a lot more then you would like to.)

Hugo.

--
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ  Maasland
hvdkooij () caiw nl     http://home.kabelfoon.nl/~hvdkooij/
--------------------------------------------------------------
Quoting this tagline is illegal! (http://www.dtcc.edu/cs/rfc1855.html)

Current thread:

[PEN-TEST] OT - How secure is an ISDN line? David Fox (Oct 18)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Vitaly McLain (Oct 18)
  - [PEN-TEST] Lotus Notes ID Files Ansar Mohammed (Oct 19)
    - Re: [PEN-TEST] Lotus Notes ID Files Patrick Mueller (Oct 21)
- Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? JLJ (Oct 19)
  - Re: [PEN-TEST] OT - How secure is an ISDN line? Cold Fire (Oct 20)
    - Re: [PEN-TEST] OT - How secure is an ISDN line? Peter Van Epp (Oct 20)
    - Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 20)
- <Possible follow-ups>
- Re: [PEN-TEST] OT - How secure is an ISDN line? Clem Colman (Oct 19)
  - Re: [PEN-TEST] OT - How secure is an ISDN line? Kris Carlier (Oct 19)
    - Re: [PEN-TEST] OT - How secure is an ISDN line? van der Kooij, Hugo (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Dunker, Noah (Oct 19)
- Re: [PEN-TEST] OT - How secure is an ISDN line? Knowledgebase i-Net Security (Oct 19)
- [PEN-TEST] OT - How secure is an ISDN line? Dave Cowen (Oct 20)
- Re: [PEN-TEST] OT - How secure is an ISDN line? John Brand (Oct 24)
  - Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs Talisker (Oct 25)
    - Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs van der Kooij, Hugo (Oct 25)
    - Re: [PEN-TEST] How secure is an ISDN line? Fibre Optic TAPs Peter Gamache (Oct 25)

(Thread continues...)