Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Tech and Talk » OS and Software » PPPoE » wiretap a LAN through ethernet bridging of DSL modem
Search Topic:
Uniqs:
1004		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·dslreports PPPoE Info Page ·RASPPPoE Homepage ·
Carrick Solutions Site Links
AuthorAll Replies

patcat88

join:2002-04-05
Jamaica, NY

wiretap a LAN through ethernet bridging of DSL modem


Let say someone has purchased 5 IP addresses from a DSL provider using PPPOE. To get at his 5 IP addresses, he needs to dial 1 PPPOE connection per computer. He has 5 computers.He also does Windows LAN File sharing/SMB/CIFS/NetBeui/NetBIOS. Netbeui and Windows File sharing and TCPIP and PPPOE are bound to the Ethernet adaptors of the 5 computers. Just TCPIP is bound to the PPPOE dialup/modem adaptors. The DSL modem is plugged into a switch with the 5 computers. There is no NAT/Router in this setup.

As far as I know, there is a layer 2 ethernet bridge going through the DSL modem to the Access Concentrator/DSLAM, connecting the layer 2 ethernet LAN of the above case, to the telephone company. AFAIK, it is required, otherwise the PPPOE packets wont have anything to ride over to the telco side.

On my ATT DSL connection, using Wireshark, one of the PPPOE packet's MAC address belongs Siara Networks (which was bought by Redback networks), the access concentrator's name is something-Rback-something, so yeah, Im pretty sure im seeing the MAC address of the DSLAM. The MAC address that the DSL modem has when I access it through Telnet is different, and it belongs to the range of the manufacturer of the modem (Efficient Networks), and its different from the PPPOE MAC address.

Now my question is, how easy it is for ATT/Telephone company/DSLAM owner/DSLAM tech/Law Enforcement, to sniff/see/"become a NIC on"/"plug into the layer 2" of the LAN described in the beginning, and then go on Network Neighborhood/My Network Places, and since this guy didn't password protect anything, read/write whatever they want on this guy's LAN? And is this done already for wiretapping?

I realize this would rarely work, since a router will block layer 2 of the LAN, from the layer 2 of the DSL modem, and almost everyone today uses a router, but is this a perfectly valid attack vector, or is there some standard in a DSL modem that mandates MAC filtering except for the Access Concentrator MAC? or does layer 2 really die in the DSL modem and never goes out over ADSL link?
to forum · permalink · · 2008-01-09 02:08:24 · Reply to this
Forums » Tech and Talk » OS and Software » PPPoE

Sunday, 29-Nov 07:40:45 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [122] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [80] TiVo Sees Record Customer Losses
· [73] Weekend Open Thread
· [72] Verizon CEO: Hulu Will Be Dead Soon
· [69] In-Flight Internet Headed For Bumpy Landing?
· [62] Thanksgiving Open Thread
· [40] EFF Wages War On Fine Print
Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· AV-Comp. Retrospective/Proactive Test 11/2009 released [Security]
· Maximizing Rogue DPS for 3.1 [World of Warcraft]
· Are GPS's better today? [General Questions]
· Road Runnner up to 50 mbps is ready ! [Road Runner]
· Using DIR-615 C1/3.01 with Trendnet TEW-652BRP in N Mode [D-Link]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· [Snow Leopard] NFS Mounts - no more Directory Utility [All Things Macintosh]
· [Newsgroups] Newzleech down? [Filesharing Software]