Re: Re: x.25 / x.28 pentesting

[rc () TSTF net]

Hi Marcos,

as far as I can see, Marco Ivaldi already gave you a very good explanation of the whole idea, but if you've never 
performed X.25 pentesting, a little bit of "clear goals" are needed.

I've tried to put into the OSSTMM methodology the logics and the goals needed when pentesting on X.25 private and 
public networks; in the next release of the OSSTMM (3.0) by ISECOM (www.osstmm.org), you will find a section fully 
dedicated to X.25 and X.28 penetration testing, with clear flows and goals, including the classic "actions" to execute 
when simulating an X.25 attack (indipendently from the attack media you use, that can be X.28 [via NUI or natl/intl 
Reverse Charge], XoT or X.25 Over Ethernet: 

I think this is what you need, as well as some theorical know-how on the X.25 world (NUA syntax, PAD signals and error 
codes, etc).

If you need more infos and help, feel free to mail me privately.

Ciao,
Raoul

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------