Re: [PEN-TEST] OT - How secure is an ISDN line?

["Dunker, Noah" <NDunker () FISHNETSECURITY COM>]

ISDN is a point-to-point link that's handled through the Telco.  In
essence, it's just as secure as a PPP connection over your telephone line.
You are not placed on a "virtual LAN" or any anything of the sort (which is
one of the biggest problems with today's xDSL and Cable Modems.)  In most
cases, ISDN is considered to be one of the most secure medium-bandwidth
links available.  The same holds true that you should be doing encryption
over the link (can be done with VPN appliances or software.)

There isn't really much difference between ISDN and a T1 or T3 connection,
security wise.  Anyone who can place a host en route to the destination
can sniff the traffic.  This includes route manipulation, or malicious
activity at the Service Provider or Backbone level.

--Noah Dunker
Network Security Engineer / Piranha Team
FishNet Security

-----Original Message-----
From: Vitaly McLain [mailto:twistah () DATASURGE NET]
Sent: Wednesday, October 18, 2000 9:13 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: OT - How secure is an ISDN line?


Hi,

While I know nothing about ISDN, the general comment is this: it's not the
connection, it's the protocol traveling over the connection. Anything
transmitted in clear-text is sniffable. This includes POP3, Telnet sessions
and many other common protocols. Using SSH (Secure SHell), or tunneling
through it, makes the connection safe from sniffers.

To find out how safe/unsafe your network is, you have to do some sniffing
around on your own. Get a sniffer that will pickup whole packets (ngrep,
ngrep.datasurge.net) and something that could reassemble/replay connections
(Ethereal, ethereal.zing.org). The most important tool for you, IMHO, is Dug
Song's dsniff (www.monkey.org/~dugsong/dsniff). This is a sniffer which will
parse our passwords from sniffed data. It supports /many/ protocols.
Download it, compile it, run it and see what you pick up.

Vitaly McLain
twistah () datasurge net