My answer below was referring to private frame relay networks, either
connected to the Internet, or not.
THX,
Pete Goodridge
______________________________ Reply Separator _________________________________
Subject: RE: frame relay...
Author: Steve Cody <[EMAIL PROTECTED]> at internet
Date: 11/24/1999 8:12 AM
I think what Ron is referring to is a private Frame Relay network. I have a
similar setup. We have a frame relay network connecting our various
locations around the country, but this network is NOT connected to the
Internet.
Now, with that comment in mind, I don't have an answer to the question, but
I think the answer below is not what he's looking for. But, if that is not
what he is looking for, I am certainly interested in an answer for it.
Are private frame relay networks vulnerable to attack, sniffing, etc.?
Steve Cody
Information Systems Administrator
Gulbrandsen Manufacturing, Inc.
Email - [EMAIL PROTECTED]
-----Original Message-----
From: Marc Renner [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 23, 1999 4:23 PM
To: [EMAIL PROTECTED]
Subject: Re: frame relay...
*laugh*
Paraphrasing from Mastering Network Security by Chris Brenton page
125, it can be broken into if:
Someone is connected to the CO and switch, and they know your DLCI.
The book goes into it a little more.
THX,
Pete Goodridge
So what you're telling this person is to go buy a book? If this is all we
are going to tell people who traffic this mailing list for help, we
undermine the very purpose of it's existence - INFORMATION. I would suggest
that if you do not have anything of value to post, please refrain..we all
have enough SPAM to deal with day-to-day.
Ron: In response to your original question, about 99.98% of internet traffic
is at some point "frame-relay". As a result the majority of "Hacked" or
"compromised" systems are done using a frame relay circuit at some point
between the criminal and the victim. This does not need to be done using a
"sniffer". Typically it's done by port scanning, with a utility that scans an
IP address or range of IP addresses for open or active ports. Once the active
ports are noted a hacker will then trying to brute-force their way into the
system by using pregenerated login/password lists and a program that will
keep hammering the system with different combinations of logins/passwords
untill it finds one that works.
Packet sniffing attacks are relatively rare, one must have access to your
cable structure in order to grab your packets. OR as Mr. Brenton points out
access to your telephone company's cable structure.
All these reports of web sites being hacked and "Stolen" are done by poorly
written cgi scripts that allow command line executions (earlier versions of
Apache Web Server were notorious for allowing these cgi scripts by default)
I hope this helps clear things up...
Marc Renner - Director
Network Operations Dept.
City of Marysville, Wa.
++Don't get MAD....Get NDS!++
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
