 joakoPremium
join:2000-09-07
/dev/null
kudos:5
 ·Comcast
1 edit | reply to quetwo
Re: Excellent!! said by quetwo:said by joako:Most of these banks also send a good amount of their voice traffic over T1 (voice) lines which would be trivial to tap into, even down the road. It is actually very difficult to tap into a T1 service. T1 lines uses a very sporratic form of CRC checking for SLIP errors. Any loss on the line would disrupt the communicaiton and cause major alarms on the equipment on either side. You usually can't get a tone/test on a pair NEAR a T1 before it causes it to slip. Mind you, if you use an official CSU (or similar device with a monitor bypass port), you can technially sniff the T1, but these should be in fairly secure areas (at the CO and the cust prem). "major alarms" sorry no. Yes the T1 interface might go into red alarm for a second... the end on the CO is certainly not monitored. The "alarm" is more of a name than anything. If you call in a trouble ticket yes they will look at it but otherwise no.
Same at the other end... noones going to be monitoring the routers to see if there is a problem. Normally there are no IT persons at the banks. Even if the equipment were reporting the line status to a remote point, they aren't going to go on a witch hunt for the remote chance that someone somewhere might be tapping the line. If they are gathering that info they are trying to determine a long term pattern of problems so the telco can fix it.
OTOH I'm not saying it's as easy or trivial to tap into a T1 line as say an analog phone line with a buttset.
--
09:F9:11:02:9D:74:E3:5B:D8:41:56:C5:63:56:88:C0 |
 quetwoThat VoIP GuyPremium
join:2004-09-04
East Lansing, MI | I wouldn't say that to be true. At my last job, I worked for a contactor that was responsible for responding to these alarms. Most banks have lightspans to their HQ where a tap on the T1 would show large amounts of attenatituion/loss. Our equipment would alarm out to us on a red or yellow, and we would be be in the equipment to check it out. Any additional slips, or additional signal loss would be an immediate call to the LEC's major account center. If it looked fishy, we would also call the bank's security group.
Almost every time when we caught something, it ended up being a wet transport cable or a janitor leaning a broom against the 66 block. I would get my inital notification within 30-60 seconds, with the rest of the processes kicking off within minutes. That is almost as much time as it would take an attacker to sync up with the D-channel, to even be able to dump the ISDN frames.
Most banks cherish their T1's. Remember that most of their ATM's will run off ISDN-BRI/PRI, so even something as small as a slip could be financially impacting to an end user. Banks don't want to risk loosing customers based on a technology issue (they want to save up their grace for bad customer service ;P ) |
