|
to nh5
Re: Tapping fiberPlus to even do this would require hardware that can tune to the different wavelengths in use.. That kind of hardware isn't cheap at all.
Cost alone would prevent most people from doing it. |
|
McBane join:2008-08-22 Wylie, TX |
McBane
Member
2012-Nov-28 10:21 am
It's not like that's your standard ethernet FDDI cable. Maybe physically, but the ONT turns it into your standard ethernet signal, it comes in as a PON signal that only the ONTs can use. Why would you want to split that FTTP cable yourself anyway? You would just need another ONT, and Verizon wouldn't let you do that yourself to begin with. They have to provision that new ONT before they let you on the network. It's not like you can just split and start stealing cable like the old coax networks. |
|
|
I'll read up on commercial ONTs a bit, but it seems that it is a device that could be stolen or purchased. Given that you have a 2nd ONT, and the aforementioned cheap splitter, could you surreptitiously capture traffic? Moreover, since the ONT gets multiple customers' signals as part of the PON traffic, could you tune the 2nd ONT and see other customer traffic? Thanks! |
|
nycdave MVM join:1999-11-16 Melville, NY |
said by rockwell4:I'll read up on commercial ONTs a bit, but it seems that it is a device that could be stolen or purchased. Given that you have a 2nd ONT, and the aforementioned cheap splitter, could you surreptitiously capture traffic? Moreover, since the ONT gets multiple customers' signals as part of the PON traffic, could you tune the 2nd ONT and see other customer traffic? Thanks! No, not possible. |
|
|
to rockwell4
said by rockwell4:since the ONT gets multiple customers' signals as part of the PON traffic, could you tune the 2nd ONT and see other customer traffic? It's easier to get a wiretap order then just feed the mirrored signal straight from the CO. There isn't a great enough need to do so to feed the budget required to brute force the system. Cheaper to buy a judge. |
|
McBane join:2008-08-22 Wylie, TX |
to rockwell4
On PON networks the traffic is encrypted between the ONT and OLT (Head end router). Even if you split and sniffed the traffic you would need a quantum computer to decrypt it, which is something that is not readily available unless you are a research scientist. Same concept as how the cable internet networks operate, just much different on the physical layer since we're not using coax here for delivery. |
|
|
Thanks McBane. Does GPON offer/do the same encryption as BPON? |
|
McBane join:2008-08-22 Wylie, TX |
McBane
Member
2012-Nov-30 10:06 am
Yes basically everything BPON and above offers the encryption, which is everything Verizon uses for FiOS since they currently only deploy BPON and GPON. |
|
nh5 join:2006-01-21 Old Bethpage, NY |
to McBane
considering how exploitable most DOCSIS networks are wouldn't be surprised if you could clone a ONT and get it online. |
|
|
Thanks for the replies. While knowing how to do a tap isn't that important to me, I would like to understand at a technical level why it won't work. I need this to address executive worries. Thanks again. |
|
|
Navillus5
Anon
2012-Dec-5 5:58 pm
FTTP networks are extremely secure. Cloning an ONT or "finding" a spare does nothing for you. Each ONT is authenticated to the PON fiber it is on. The authentication is from the OLT (CO side) to the ONT. The ONT can only talk to the OLT if there is a spare slot AND the OLT is expecting that ONT to be on the PON fiber. Until the OLT allows the ONT on the PON, no downstream information other than communication commands for authentication can be read. Once the OLT allows the ONT on to the PON system, it can only read the information intended for that ONT. So to truly "tap" the fiber, you need to be on the provisioning side of the system. |
|
|
to buckweet1980
If there is a certain risk vs. reward expensive equipment may be a good investment. It may be out side of the reach of an average hobby hacker but not for someone who has criminal intentions. |
|
PoloDude Premium Member join:2006-03-29 Aiken, SC |
PoloDude
Premium Member
2012-Dec-8 1:39 pm
If someone wants your data , there are far better ways to get it then tapping your FiOS line. The only thing that can be gotten from that is live data transmissions. Think of the REAMS of data that is flowing at any time on a business circuit. |
|