Re: Leased Lines

[Elizabeth Greene <elizabeth.a.greene () gmail com>]

Well said.

Depending on the physical plant in your immediate vicinity, the attack
may be easier or harder than you'd think.

In one building I have worked in, the tenant controlled access to the
Telecom room all of the copper T1 circuits were rolled up into fiber
before they left the site.  This scenario would be quite difficult to
attack without cooperation from someone with Telco privileges.  Quite
difficult != impossible..
http://www.eyewitnesstohistory.com/spytunnel.htm

At another engagement, the DSL circuit was installed in a unlocked
wall cabinet in the parking garage.  We extended the wiring up to the
suite and terminated it in a router.  In this situation, a $10,000
Fluke ADSL test set would happily monitor this connection.  A
similarly priced tester will work for a T1.  Conveniently in the same
cabinet,  the Telco had labeled a number of T1s with little red
plastic caps and paper tags with the customer name and Circuit ID.

Encrypt first, ask questions later.

On Wed, Oct 14, 2009 at 2:45 PM, Gorgon Beast <gorgonbeast () hotmail com> wrote:
> Sebastian,
>
> Surprisingly, I get asked this a lot.  Certainly, it can be done (anything CAN be done).  Anyone that has physical 
> access to the cabling can put in a Y and examine traffic.  This is, of course, more difficult that it sounds; trying 
> to find the right wires in a bundle of 50,000 other wires, then getting your connector in there without setting off 
> alarms is another matter. Or if the bad guy has access to the building, all bets are off.
>
> What it really depends on is what you are sending across.  If you are a bank, or the IRS, then it would be a good 
> idea to encrypt it too; these businesses have oodles of cash laying around, just waiting to be spent.  If you are a 
> small business sending files back and forth to your other office and it has no personally identifiable information in 
> it, then it probably isn't such a high priority.
>
> Since most routers and firewalls have VPN technology built into them these days, it is generally a good idea to do it 
> anyway, it doesn't appreciably slow anything down, and it just makes things that much more secure.  Likewise for the 
> strong authentication.
>
> John
>
>
>
> > Hi,
> >
> > I'm looking for any information related to the security of leased
> > lines, specifically if it is feasible to eavesdrop on them outside a
> > companies building. What would it take to do it?
> >
> > I'm having a debate about the use fullness of encryption on leased
> > lines and the use of strong authentication for the PPP session and
> > such.
> >
> > I understand there are always risk assessment/costs aspects to
> > security issues, but I'm currently focused on the technical side of
> > things :)

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------