For X.25-specific testing, the penetration tester will find the following points helpful when trying to enumerate all the packet-switched network (X.25) connections and trying to gain access privileges to the PAD-enabled systems existing within the target organization:
1. Define if you are examining a private or a public X.25 network.
2. Find valid X.25 address(es), subscribed to or activated by the target company.
3. Define how many virtual channels (VCs) and permanent virtual channels (PVCs) the X.25 link(s) are using and how they are managed (CUG, subaddress mapping, CLID on the calling NUA, incoming X.25 call screening, etc.).
4. List system types and operating programs:
• List of live systems directly connected to the X.25 network(s) and their operating system (COM answers only).
• List of live systems found that are not directly connected to the X.25 network(s)—via CUG brute-force attacks, subaddress scanning, CLID on the calling NUA if X.25 spoofing attacks are applicable, and so on—and their operating status (NA/DTE/RPE answers).
• List of those "bridge systems" that work as gateways from the X.25 to other kinds of networks (TCP/IP, DECnet, Novell) and their operating system.
5. Verify—in the case of bridges to the TCP/IP world—that firewalls and ACLs work properly.
6. List the purpose of the systems used in the company's business.
7. List those applications using the X.25 media to communicate.
8. Describe the data flow of the X.25 connections relating to the company's business purposes and privacy needs.
9. Verify compliance to national laws for any security banners found during testing.
10. Check if the X.25 link accepts reverse charge calls: this applies both to directly and indirectly connected hosts.
11. If reverse charges are accepted by the remote DTE, check if calling DTE (NUA or geographical areas/networks provenience) screening is applied on the reverse charge facility: This can depend on the enduser or the X.25 carrier configuration or the subscriber's options.
12. Verify remote PSDN abuse traces (scanning activity from/to local or foreign networks) checking the last six months of X.25 bill details, as well as traces from the host X.25 logs (incoming and outgoing calls).
13. List system logins and passwords.
Was this article helpful?
Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.