Penetration Testing mailing list archives
Re: [PEN-TEST] X25, all but forgotten?
From: Marc <knepperm () CUUG AB CA>
Date: Thu, 31 Aug 2000 23:13:33 -0600
Well, I happen to know for sure that a major access point to the airline booking systems is X.25 and credit-card numbers are sent over it (at least here in Canada). I would be VERY interested if somebody had links to real tools (I've seen lots of reference to them but nothing concrete yet) as X.25 is alive and well and carrying sensitive data. Please feel free to contact me directly if you have such tools - I have a legitimate use for them and my curiosity/paranoia have now been stoked
-----Original Message----- From: Emmanuel Gadaix [mailto:emmanuel () RELAYGROUP COM] Sent: Wednesday, August 30, 2000 12:26 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] X25, all but forgotten? On the issue whether X.25 is still used any longer or not... It's worth mentioning that countless organizations are still widely using X.25 for legit purposes. Telecommunications operators use it extensively, so do banks and other financial institutions (e.g. the SWIFT fund-transfer network is built over X.25 encrypted links). A special case worth of interest is France, which is operating one of the largest X.25 network, Transpac. In the eighties, France built its national videotext system, called Teletel, using its underlying X.25 network. The success of that product, called the Minitel, was so huge that nowadays (although it's a 1200 bps low-res display) it is still used by some 20,000 service providers and millions of Internet-challenged Frenchmen. Interestingly, you are able to scan all X.25 networks from the Minitel, once you're familiar with some of its features and call mode. Not very fast, but 100% legal and... free. Anyway as Vanja pointed out, there are quite many underground tools from the glorious days of X.25 hacking, some probably sleep on some of our old DAT backup... And as Alfred reminded us, most scanners are PSN-specific. We try to suggest to our client to test their X.25 but most of them do not seem to be interested in that. Strange considering that quite often the X.25 link will be behind the firewall. One document of interest is the RFC1356, "encapsulation of IP and other network layer protocols over X.25". -- Emmanuel Gadaix The Relay Group http://relaygroup.com 9A1C A656 5F15 977D 0A1B 5E11 E06F 439C 3C68 7413
-- MArc (and Kirstie too sometimes) - H.A.N.S.: Humanoid Assembled for Nocturnal Sabotage - http://www.brunching.com/toys/toy-cyborger.html
Current thread:
- Re: [PEN-TEST] X25, all but forgotten? Marc (Sep 01)
- Re: [PEN-TEST] X25, all but forgotten? Matt Baudendistel (Sep 02)
- Re: [PEN-TEST] X25, all but forgotten? Leif Ericksen (Sep 04)
- <Possible follow-ups>
- Re: [PEN-TEST] X25, all but forgotten? Mike Ireton (Sep 02)
- Re: [PEN-TEST] X25, all but forgotten? Matt Baudendistel (Sep 02)