Penetration Testing mailing list archives
R: MITM ADSL IPoE
From: "Rissone Ruggero" <ruggero.rissone () telecomitalia it>
Date: Fri, 2 May 2008 09:34:59 +0200
Commercial products that could sniff an ADSL line are based also on layer 1. http://www.tracespan.com/Products.html http://www.broadframe.com/products/dslscope.html I'm not sure if they also inject (or substitute) data on the line. Best regards. RR ________________________________________ Da: listbounce () securityfocus com [listbounce () securityfocus com] per conto di frog horror [frogho () gmail com] Inviato: giovedì 1 maggio 2008 23.21 A: pen-test Oggetto: MITM ADSL IPoE Hi all, I am trying to build a scenario where I could do a kind of MITM connexion between a device (like a Residential Gateway) and the my ADSL line (DSLAM). The WAN connexion is an IPoE over ATM connexion without any kind of 802.1X (just Ethernet and DHCP on top of that...). Therfore, I can imagine how easy it can be to insert a fake Residential Gateway but what about a real MITM attack with a valid Residential Gateway and my laptop betwwen the RG and the DSLAM. I am pretty aware about kind of Layer 2/3 attacks and requirements but I am still confused about the physical connectivity and what I need to do/build to do such a thing. Did any of you already experience that kind of things? Thanks for your help Frog ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ -------------------------------------------------------------------- CONFIDENTIALITY NOTICE This message and its attachments are addressed solely to the persons above and may contain confidential information. If you have received the message in error, be informed that any use of the content hereof is prohibited. Please return it immediately to the sender and delete the message. Should you have any questions, please contact us by replying to webmaster () telecomitalia it. Thank you www.telecomitalia.it -------------------------------------------------------------------- ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- MITM ADSL IPoE frog horror (May 01)
- R: MITM ADSL IPoE Rissone Ruggero (May 02)