Penetration Testing mailing list archives
Re: [PEN-TEST] PBX Security-norstar systems
From: jason <nonsequiter19 () HOTMAIL COM>
Date: Thu, 5 Oct 2000 14:04:17 GMT
the DR5 is still in service and quite common, but no longer current. nortel's current phone systems are the Compact ICS and Modular ICS. they have remote admin, and there is a win 95/NT admin program available called 'Norstar PC Console Attendant', which directly mimics the functions of the model 7310 telephone. most companies dont bother to change the default password.
I've only audited Meridian systems... but from my experience... you can get some pretty good information to start with. This is how I got the info I did: 1) Got installation manuals for the whole system. 2) Got copies of The system Coordinator Guides. For a Meridian Norstar PBX, These Books are called "Norstar Modular DR5 System Coordinator Guide", "Norstar Modular DR5 Installer Guide", and I got the Installation Guide for the voice-Mail system (which happened to be StarTalk Flash). I know I've seen a DR5.1 of these same manuals... I then called up a company that installs the systems, and acted like I was interested. Yes, this is social engineering a third party, but it was necessary for what I was doing. I asked to talk specifically to one of their installation and troubleshooting engineers because "one of my guys had some really technical questions". I took him out to lunch, drank some beer, and in the end, I got him to give me photocopies of some "undocumented" feature codes, including one which can reset the administrator PIN. I learned the default passwords for the PBX, and a whole ton of feature codes just from reading the manuals. With all the resources I got, any meridian norstar PBX is 100% open to me. It's unfair to use a known back-door when pen-testing. The back-door on Norstar is pretty hard to stumble across, but it is nice to know the default passcodes, and test for things like that. Good luck! -----Original Message----- From: Joe Traietta [mailto:JTraietta () ASAHIBANKNY COM] Sent: Wednesday, October 04, 2000 9:07 AM To: PEN-TEST () SECURITYFOCUS COM Subject: PBX Security I have been asked to perform a security review on the PBX system (NEC NEAX 2000 IVS) at my company. I have virtually no PBX experience, so I was hoping somebody could point me to a good resource, or pass along some personal experience about reviewing / auditing a PBX system. Thank you. Joseph Traietta Data Security Officer Asahi Bank, New York Branch
_________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Current thread:
- Re: [PEN-TEST] PBX Security-norstar systems jason (Oct 05)