Security Incidents mailing list archives

Re: Company being War Dialed

From: James.Phillips () mutualofomaha com
Date: Mon, 21 Apr 2003 12:15:40 -0500


We've seen instances here with the symptoms you describe. In our case, it
was a fax marketeer who was war dialing our entire prefix looking for fax
machines.
We used a machine with a modem & mgetty+sendfax to confirm by routing a
number of unused voice lines to the box.

james r phillips
I/S Security  Compliance & Quality Assurance


                                                                                                                        
             
                      "Fred Kreitzberg"                                                                                 
             
                      <paranoid_with_caus        To:       incidents () securityfocus com                               
                
                      e () mail com>                cc:                                                                 
                
                                                 Subject:  Company being War Dialed                                     
             
                      04/17/2003 06:13 PM                                                                               
             
                                                                                                                        
             
                                                                                                                        
             




The war dialing started last night and has continued throught the day.
They are being very noisy, staying on the line with a steady beep, beep,
beep long enough to leave a voice message.  The calling has occcured on two
different prefixes so I am concerned my company is being targeted.

Our local service provider's security and fraud team has not been able to
identify a single source of the calls.

We have recently done our own War-dail and feel we know all our modems are
secured correctly.

Any thoughts on additional steps I should be taking?

thanks
Phred
--
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup


----------------------------------------------------------------------------

Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts.  The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches.  Deadline for the best rates is April 25.  Register today to

ensure your place. http://www.securityfocus.com/BlackHat-incidents
----------------------------------------------------------------------------










----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place. http://www.securityfocus.com/BlackHat-incidents 
----------------------------------------------------------------------------

Current thread:

Company being War Dialed Fred Kreitzberg (Apr 19)
- Re: Company being War Dialed Brett Glass (Apr 19)
- Re: Company being War Dialed Kurt Seifried (Apr 21)
- RE: Company being War Dialed Curt Purdy (Apr 21)
- Re: Company being War Dialed public list (Apr 21)
- <Possible follow-ups>
- Re: Company being War Dialed James . Phillips (Apr 21)
- RE: Company being War Dialed James . Jackson (Apr 21)
  - RE: Company being War Dialed nospam (Apr 23)