Firewall Wizards mailing list archives
Re: war dialers, are they a current threat?
From: Eric Budke <budke () budke com>
Date: Wed, 22 Dec 1999 19:26:12 -0500
At 02:35 PM 12/21/99 , R. DuFresne wrote:
> Do folks here consider war dialers a real threat in this day and age?
In terms of can people use them to find available modem lines, and do those lines often provide access to a company's network? Yes. How often they use them is up for debate. Depends a lot on who "they" are I guess and what other types of access they may have to your network.
> How would others respond to a request to install a modem for dialup access to a server that one cannot secure because:
> 1) There's no compiler to install tools to try and secure the system
> 2) You are supposed to make this soft chewy available to the whole inside network
The root problem of the majority of boxes we seem to get into (through dial-up or other means) is bad user management. If you stick a Lucent PBX up with a username/password combo of lucent/lucent, someone is going to figure it out eventually. You could make it easier on them by announcing it as being a Lucent PBX.
If the box has some logging capability, you should be able to at least track when someone is trying to guess passwords. You could make sure user accounts and passwords are kept to a minimum, as well as checking for good combinations of them. Or you could also connect it to a term server and have the term server take care of your authentication for you (smart cards, secure-id, s/key, rectal or retinal scans, etc.)
> Being that your PBX has no dialback feature, what's the best way to protect such a setup, if there is one?
Dialback can at least by some be defeated w/o much work. Then again, nothing is perfect.
> Thanks,
> Ron DuFresne
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> admin & senior consultant: darkstar.sysinfo.com
> http://darkstar.sysinfo.com
> "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart
> testing, only testing, and damn good at it too!
-- PGP Key can be found at http://www.budke.com/pgp/budke_budke_com.txt
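
Added example, not part of the original message: one way to use a box's or terminal server's login records to spot password guessing on a dial-in line, as the reply suggests. The log format, field names and sample lines are constructed assumptions, not output from any real PBX or terminal server.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records in an assumed "time line= user= result=" format.
LOG = """\
1999-12-22 19:01:07 line=tty03 user=admin result=FAIL
1999-12-22 19:01:15 line=tty03 user=root result=FAIL
1999-12-22 19:01:24 line=tty03 user=lucent result=FAIL
1999-12-22 19:01:31 line=tty03 user=lucent result=OK
1999-12-22 19:05:00 line=tty01 user=maint result=FAIL
1999-12-22 23:40:00 line=tty01 user=maint result=OK
"""
LINE_RE = re.compile(r"^(\S+ \S+) line=(\S+) user=(\S+) result=(OK|FAIL)$")

def guessing_alerts(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return one alert per burst of failed logins on a dial-in line.

    An alert records the line, when the burst started, which usernames were
    tried, and the account that logged in right after the burst (if any).
    """
    fails = defaultdict(list)   # dial-in line -> recent failures as (time, user)
    open_alert = {}             # dial-in line -> alert still awaiting an outcome
    alerts = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue            # skip anything that is not an auth record
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        line, user, result = m.group(2), m.group(3), m.group(4)
        # Drop failures that have aged out of the window.
        fails[line] = [(t, u) for t, u in fails[line] if ts - t <= window]
        if not fails[line]:
            open_alert.pop(line, None)
        if result == "FAIL":
            fails[line].append((ts, user))
            if len(fails[line]) >= threshold:
                alert = open_alert.get(line)
                if alert is None:
                    alert = {"line": line, "start": fails[line][0][0],
                             "users": [], "login_after": None}
                    open_alert[line] = alert
                    alerts.append(alert)
                alert["users"] = sorted({u for _, u in fails[line]})
        else:
            # A success straight after a burst is the case to investigate first.
            if line in open_alert:
                open_alert.pop(line)["login_after"] = user
            fails[line] = []
    return alerts
```
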