Looking for good info on securing frame-relay

[Guest_imported]

I have been told that anyone, if they know the rigth information, can
build a PVC into your network. Being "told" this is generally not good
enough to take to management in your risk analysis process when
asking for monies to buy VPN solutions. Can anyone point me in
a good direction which points out the specific vulnerabilities?
Even better would be real life examples, instead of theory, but
that is probably asking too much.
Thanks
Sty

 

[wybnormal]

The only ones that "build" a PVC into your network are the Telcos. A frame relay PVC uses 4 DLCIs.. 2 are yor ends and 2 are the endpoints at the CO end. About the only way I know of to get into "your" PVC is to use something intrusive like the NAI Sniffer Book with the FR option plug in. This allows you to sniff the actual frame relay connection. Of course, many things can be done at the switch level but that is completely out of your control. A better (??) solution with frame relay would to be run point to point encryption. You can either get the routers to do this ( assuming the right box) or a "black box" solution that goes between the router and the frame circuit.

Now.. with all that said.. if someone knows more.. post it and educate us

Mike S