Penetration Testing mailing list archives

Re: Nortel Security

From: h0pper () hushmail com
Date: Mon, 2 Jul 2001 04:17:15 +0000 (PDT)

I've been asked to review the security of our Nor-tel
Meridian PBX. I've searched Google & Yahoo and can't
find to much to aid me in this. Can anyone point me to
some good information on key things to audit/test?


There's a couple of papers on auditing PBX environments at  NIST:
NIST SP 800-24, PBX Vulnerability Analysis, National Institute of Standards 
and 
Technology, 2000.

These can be found at:
http://www.itl.nist.gov/lab/bulletns/bltnaug00.htm 
http://csrc.nist.gov/publications/nistpubs/800-24/sp800-24pbx.pdf

Particularly fruitful areas of investigation with the Meridian are Voicemail-
 the default password for voicemail accounts is the same as the extension 
number, and users aren't necessarily forced to change them, and also administrative 
access- if teh PBX is managed by an outside company, they will typically 
use the same password for all sites. Access on these lines is almost never 
encrypted.

Other possibilities centre around remote toll access- dial a freephone number 
to a company PBX, enter a passcode and get a dialtone with open access. 
This has been a major source of abuse in the past.

Free, encrypted, secure Web-based email at www.hushmail.com

--------------------------------------------------------------------------------------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to 
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/

Current thread:

Re: Nortel Security Jason Ellison (Jul 01)
- <Possible follow-ups>
- RE: Nortel Security Mike . Ruscher (Jul 01)
- Re: Nortel Security H D Moore (Jul 01)
  - Re: Nortel Security Mark Rowe (Jul 10)
- Re: Nortel Security h0pper (Jul 02)