From: rc@TSTF.net
Date: Wed Aug 03 2005 - 12:18:09 EDT
as far as I can see, Marco Ivaldi already gave you a very good explanation of the whole idea, but if you've never performed X.25 pentesting, a little bit of "clear goals" are needed.
I've tried to put into the OSSTMM methodology the logics and the goals needed when pentesting on X.25 private and public networks; in the next release of the OSSTMM (3.0) by ISECOM (www.osstmm.org), you will find a section fully dedicated to X.25 and X.28 penetration testing, with clear flows and goals, including the classic "actions" to execute when simulating an X.25 attack (indipendently from the attack media you use, that can be X.28 [via NUI or natl/intl Reverse Charge], XoT or X.25 Over Ethernet:
I think this is what you need, as well as some theorical know-how on the X.25 world (NUA syntax, PAD signals and error codes, etc).
If you need more infos and help, feel free to mail me privately.
Ciao,
Raoul
------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:40 EDT