Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] X25, all but forgotten?
From: Marc <knepperm () CUUG AB CA>
Date: Thu, 31 Aug 2000 23:13:33 -0600

Well, I happen to know for sure that a major access point to the airline
booking systems is X.25 and credit-card numbers are sent over it (at least
here in Canada).

I would be VERY interested if somebody had links to real tools (I've seen
lots of reference to them but nothing concrete yet) as X.25 is alive and
well and carrying sensitive data.

Please feel free to contact me directly if you have such tools - I have a
legitimate use for them and my curiosity/paranoia have now been stoked

-----Original Message-----
From: Emmanuel Gadaix [mailto:emmanuel () RELAYGROUP COM]
Sent: Wednesday, August 30, 2000 12:26 AM
Subject: Re: [PEN-TEST] X25, all but forgotten?

On the issue whether X.25 is still used any longer or not...

It's worth mentioning that countless organizations are still widely using
X.25 for legit purposes.
Telecommunications operators use it extensively, so do banks and other
financial institutions (e.g. the SWIFT fund-transfer network is built over
X.25 encrypted links).

A special case worth of interest is France, which is operating one of the
largest X.25 network, Transpac. In the eighties, France built its national
videotext system, called Teletel, using its underlying X.25 network. The
success of that product, called the Minitel, was so huge that nowadays
(although it's a 1200 bps low-res display) it is still used by some 20,000
service providers and millions of Internet-challenged Frenchmen.

Interestingly, you are able to scan all X.25 networks from the Minitel,
once you're familiar with some of its features and call mode. Not very
fast, but 100% legal and... free.

Anyway as Vanja pointed out, there are quite many underground tools from
the glorious days of X.25 hacking, some probably sleep on some of our old
DAT backup... And as Alfred reminded us, most scanners are PSN-specific.

We try to suggest to our client to test their X.25 but most of them do not
seem to be interested in that. Strange considering that quite often the
X.25 link will be behind the firewall.

One document of interest is the RFC1356, "encapsulation of IP and other
network layer protocols over X.25".

Emmanuel Gadaix
The Relay Group

9A1C A656 5F15 977D 0A1B  5E11 E06F 439C 3C68 7413

MArc (and Kirstie too sometimes)
H.A.N.S.: Humanoid Assembled for Nocturnal Sabotage - http://www.brunching.com/toys/toy-cyborger.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]