Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Tech and Talk » OS and Software » PPPoE » wiretap a LAN through ethernet bridging of DSL modem
Uniqs:
1014		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·dslreports PPPoE Info Page ·RASPPPoE Homepage ·
Carrick Solutions Site Links
patcat88

join:2002-04-05
Jamaica, NY

wiretap a LAN through ethernet bridging of DSL modem


Let say someone has purchased 5 IP addresses from a DSL provider using PPPOE. To get at his 5 IP addresses, he needs to dial 1 PPPOE connection per computer. He has 5 computers.He also does Windows LAN File sharing/SMB/CIFS/NetBeui/NetBIOS. Netbeui and Windows File sharing and TCPIP and PPPOE are bound to the Ethernet adaptors of the 5 computers. Just TCPIP is bound to the PPPOE dialup/modem adaptors. The DSL modem is plugged into a switch with the 5 computers. There is no NAT/Router in this setup.

As far as I know, there is a layer 2 ethernet bridge going through the DSL modem to the Access Concentrator/DSLAM, connecting the layer 2 ethernet LAN of the above case, to the telephone company. AFAIK, it is required, otherwise the PPPOE packets wont have anything to ride over to the telco side.

On my ATT DSL connection, using Wireshark, one of the PPPOE packet's MAC address belongs Siara Networks (which was bought by Redback networks), the access concentrator's name is something-Rback-something, so yeah, Im pretty sure im seeing the MAC address of the DSLAM. The MAC address that the DSL modem has when I access it through Telnet is different, and it belongs to the range of the manufacturer of the modem (Efficient Networks), and its different from the PPPOE MAC address.

Now my question is, how easy it is for ATT/Telephone company/DSLAM owner/DSLAM tech/Law Enforcement, to sniff/see/"become a NIC on"/"plug into the layer 2" of the LAN described in the beginning, and then go on Network Neighborhood/My Network Places, and since this guy didn't password protect anything, read/write whatever they want on this guy's LAN? And is this done already for wiretapping?

I realize this would rarely work, since a router will block layer 2 of the LAN, from the layer 2 of the DSL modem, and almost everyone today uses a router, but is this a perfectly valid attack vector, or is there some standard in a DSL modem that mandates MAC filtering except for the Access Concentrator MAC? or does layer 2 really die in the DSL modem and never goes out over ADSL link?
permalink · 2008-01-09 02:08:24 · Print · Reply to this
Forums » Tech and Talk » OS and Software » PPPoE

Thursday, 03-Dec 14:12:23 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [162] Comcast Releasing Promised Usage Meter
· [129] Avast Antivirus Has Gone Mad
· [103] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [74] Comcast Makes NBC Universal Acquisition Official
· [70] Baltimore To Ban Lazy Cable Installs
· [64] Broadband Killed The Game Console
· [55] Rogers Unveils The ISP Dream Model
· [47] ACTA: Global Three Strikes
· [43] Cable Industry's 'Adoption Plus': Altruism Or PR Stunt?
Most people now reading
· False positive in Avast! or is it real? [Security]
· Warrior tank seem underpowered these days [World of Warcraft]
· Microsoft actively urges IE 6 users to upgrade [Security]
· [TWC] Audio/Video outage in Brooklyn [Time Warner Cable TV/Voice]
· [Rant] Disrespect of PTO [Rants, Raves, and Praise]
· Linux is terrorist - according to MS... [All Things Unix]
· Many Sites Unreachable [Rogers]
· Heating - my dad gave me this advice... [Home Repair & Improvement]
· Here comes El NIno [Southern California]
· HELP! Leveling up! [World of Warcraft]