Penetration Testing mailing list archives
Re: Leased Lines
From: Elizabeth Greene <elizabeth.a.greene () gmail com>
Date: Fri, 16 Oct 2009 02:23:28 +0000
Well said. Depending on the physical plant in your immediate vicinity, the attack may be easier or harder than you'd think. In one building I have worked in, the tenant controlled access to the Telecom room all of the copper T1 circuits were rolled up into fiber before they left the site. This scenario would be quite difficult to attack without cooperation from someone with Telco privileges. Quite difficult != impossible.. http://www.eyewitnesstohistory.com/spytunnel.htm At another engagement, the DSL circuit was installed in a unlocked wall cabinet in the parking garage. We extended the wiring up to the suite and terminated it in a router. In this situation, a $10,000 Fluke ADSL test set would happily monitor this connection. A similarly priced tester will work for a T1. Conveniently in the same cabinet, the Telco had labeled a number of T1s with little red plastic caps and paper tags with the customer name and Circuit ID. Encrypt first, ask questions later. On Wed, Oct 14, 2009 at 2:45 PM, Gorgon Beast <gorgonbeast () hotmail com> wrote:
Sebastian, Surprisingly, I get asked this a lot. Certainly, it can be done (anything CAN be done). Anyone that has physical access to the cabling can put in a Y and examine traffic. This is, of course, more difficult that it sounds; trying to find the right wires in a bundle of 50,000 other wires, then getting your connector in there without setting off alarms is another matter. Or if the bad guy has access to the building, all bets are off. What it really depends on is what you are sending across. If you are a bank, or the IRS, then it would be a good idea to encrypt it too; these businesses have oodles of cash laying around, just waiting to be spent. If you are a small business sending files back and forth to your other office and it has no personally identifiable information in it, then it probably isn't such a high priority. Since most routers and firewalls have VPN technology built into them these days, it is generally a good idea to do it anyway, it doesn't appreciably slow anything down, and it just makes things that much more secure. Likewise for the strong authentication. JohnHi, I'm looking for any information related to the security of leased lines, specifically if it is feasible to eavesdrop on them outside a companies building. What would it take to do it? I'm having a debate about the use fullness of encryption on leased lines and the use of strong authentication for the PPP session and such. I understand there are always risk assessment/costs aspects to security issues, but I'm currently focused on the technical side of things :)
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Leased Lines Sebastiaan (Oct 13)
- RE: Leased Lines Shenk, Jerry A (Oct 13)
- RE: Leased Lines Craig Wilson (Oct 15)
- Re: Leased Lines David Howe (Oct 15)
- Re: Leased Lines Wim Remes (Oct 15)
- <Possible follow-ups>
- RE: Leased Lines Gorgon Beast (Oct 15)
- Re: Leased Lines Elizabeth Greene (Oct 19)