Penetration Testing mailing list archives
RE: Leased Lines
From: "Craig Wilson" <craig.wilson () redtray co uk>
Date: Wed, 14 Oct 2009 08:36:13 +0100
Hi Seb, It can certainly be tapped into, though the fact that it's a leased line makes it less easy to do. Basically you are dealing with just one (usually) supplier and so you just need to worry about their security standards rather than the Internet in general. I'd suggest any connection that you would deem 'corporate' needs to be encrypted in some way. Obviously you lose a little performance as soon as you start to encrypt and if you have Cisco devices on the end-points you will want encryption cards in them. Craig -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Sebastiaan Sent: 12 October 2009 10:43 To: pen-test () securityfocus com Subject: Leased Lines Hi, I'm looking for any information related to the security of leased lines, specifically if it is feasible to eavesdrop on them outside a companies building. What would it take to do it? I'm having a debate about the use fullness of encryption on leased lines and the use of strong authentication for the PPP session and such. I understand there are always risk assessment/costs aspects to security issues, but I'm currently focused on the technical side of things :) Reg. Seb ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Leased Lines Sebastiaan (Oct 13)
- RE: Leased Lines Shenk, Jerry A (Oct 13)
- RE: Leased Lines Craig Wilson (Oct 15)
- Re: Leased Lines David Howe (Oct 15)
- Re: Leased Lines Wim Remes (Oct 15)
- <Possible follow-ups>
- RE: Leased Lines Gorgon Beast (Oct 15)
- Re: Leased Lines Elizabeth Greene (Oct 19)