Penetration Testing mailing list archives
Re: [PEN-TEST] X25, all but forgotten?
From: "Frasnelli, Dan" <dfrasnel () COREWAR COM>
Date: Tue, 29 Aug 2000 16:40:30 -0400
Its good to run into a fellow PAD runner.
Agreed, there are hundreds of these devices which you see hanging off X.25 networks, PACX, DMS and a sundry of other Ericson, Nortel, Bell devices which are X.25 capable. It's worth noting that almost all of the Nortel hardware out there is both TCP/IP and X.25 capable, so obviously the market is there or at least people are still using X.25 for business.
Understand that X.25 is nowhere near dead, its only forgotten by the general public (which includes most "IT professionals" in my book) on this side of the pond. It is actively used in many European and Asian countries for everything from financial transactions to academic research nets and general public access. Iraq, Germany, Yugoslavia, Italy, England, India, Russia, and several others have a core X.25 PSN. Because most telecomm hardware companies have international clients, you still see X.25 functionality built into Cisco, Nortel, Ericson etc. devices. Over here, domestic X.25 is largely abandoned and being replaced by IP VPNs, etc. However.. many companies are connected to an international PSN and are not even aware of it. Therein lies a serious problem - if no admin is aware of that connection, it can be quietly exploited to hop around the globe.. effectively hiding the intruder from his victim behind a long list of unprotected, unmonitored pads.
Agreed, eventually you end up with the 'steel door on a grass hut' syndrome. Where they have layered firewalls, acl control and IDS's bulwarked up front and close to nothing on their dial ups and X.25 connections.
Ding ding. That analogy carries over well into most modern-day X.25 nets - they are hard to get into but very chewy on the inside. Factory default access/enable passwords are the most common security hole I have found. PAD to PAD is always fun to play with, too. http://www.seclabs.org/x25/ has an archive of the old qwerty.nanko.ru site, and links to more recent (1999/2000) information. -dan
Current thread:
- [PEN-TEST] X25, all but forgotten? Alfred Huger (Aug 29)
- Re: [PEN-TEST] X25, all but forgotten? edison (Aug 29)
- Re: [PEN-TEST] X25, all but forgotten? Vanja Hrustic (Aug 29)
- <Possible follow-ups>
- Re: [PEN-TEST] X25, all but forgotten? Masse, Robert (Aug 29)
- Re: [PEN-TEST] X25, all but forgotten? Alfred Huger (Aug 29)
- Re: [PEN-TEST] X25, all but forgotten? Frasnelli, Dan (Aug 29)
- Re: [PEN-TEST] X25, all but forgotten? Emmanuel Gadaix (Aug 30)
- Re: [PEN-TEST] X25, all but forgotten? Peter Van Epp (Aug 30)
- Re: [PEN-TEST] X25, all but forgotten? Alfred Huger (Aug 29)