Firewall Wizards mailing list archives

Re: war dialers, are they a current threat?


From: Eric Budke <budke () budke com>
Date: Wed, 22 Dec 1999 19:26:12 -0500

At 02:35 PM 12/21/99 , R. DuFresne wrote:
Do folks here consider war dialers a real threat in this day and age?

In terms of can people use them to find available modem lines, and do those lines often provide access to a company's network? Yes. How often they use them is up for debate. Depends a lot on who "they" are I guess and what other types of access they may have to your network.


How would others respond to a request to install a modem for dialup access
to a server that one cannot secure because:

1)  There's no compiler to install tools to try and secure the system


2)  You are supposed to make this soft chewy available to the whole inside
network

The root problem of the majority of boxes we seem to get into (through dial-up or other means) is bad user management. If you stick a Lucent PBX up with a username/password combo of lucent/lucent, someone is going to figure it out eventually. You could make it easier on them by announcing it as being a Lucent PBX.

If the box has some logging capability, you should be able to at least track when someone is trying to guess passwords. You could make sure user accounts and passwords are kept to a minimum, as well as checking for good combinations of them. Or you could also connect it to a term server and have the term server take care of your authentication for you (smart cards, secure-id, s/key, rectal or retinal scans, etc.)

Being that your PBX has no dialback feature, what's the best way to
protect such a setup, if there is one?

Dialback can at least by some be defeated w/o much work. Then again, nothing is perfect.


Thanks,

Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

--
PGP Key can be found at http://www.budke.com/pgp/budke_budke_com.txt


