Penetration Testing mailing list archives
Re: [PEN-TEST] Modem detection without dialing
From: Mark Curphey <mark () CURPHEY COM>
Date: Mon, 20 Nov 2000 21:36:01 -0500
Under NT you will find the file modem.sys is loaded into kernel space. Pretty simple to make the check across the LAN with the proviso that you need to have admin rights on the target to read the properties. This is how some popular commercial scanners check, but they won't tell you if they couldn't connect with the appropraite level of access and thus you will get a good degree of false negatives. If you used ISS scanner you would need to manually trawl through the session log (yawn...) Of course this doesn't differentiate between a dial-in or dial-out modem but that is a further registry setting I think? Checking for the RAS service doesn't work as Palms, and CE's start that service and so you will get lots of false positives. ----- Original Message ----- From: "Blair, Glenn" <glenn.blair () SCOTIABANK COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Monday, November 20, 2000 2:15 PM Subject: [PEN-TEST] Modem detection without dialing
I am wondered if there is a product which can detect the existence of a
modem,
without the need for the modem to be connected ?. Specifically, in a LAN
environment,
can an administrator/pen tester identify a modem through the network, rather than through the telephone network. Any thoughts would be appreciated. Glenn Blair Sr. Security Specialist 888 Birchmount Rd 6th Floor tel. (416) 285-2498 fax (416) 288-5055 glenn.blair () scotiabank com
Current thread:
- [PEN-TEST] Modem detection without dialing Blair, Glenn (Nov 21)
- Re: [PEN-TEST] Modem detection without dialing Darryl Luff (Nov 22)
- Re: [PEN-TEST] Modem detection without dialing Steve (Nov 23)
- Re: [PEN-TEST] Modem detection without dialing Eric (Nov 22)
- Re: [PEN-TEST] Modem detection without dialing Mark Curphey (Nov 22)
- Re: [PEN-TEST] Modem detection without dialing Rietveld, Peter (Nov 22)
- <Possible follow-ups>
- Re: [PEN-TEST] Modem detection without dialing Brooke, O'neil (EXP) (Nov 22)
- Re: [PEN-TEST] Modem detection without dialing Ng, Kenneth (US) (Nov 22)
- Re: [PEN-TEST] Modem detection without dialing Ben Ford (Nov 22)
- [PEN-TEST] WAP penetration TEST Roberto Poblete (Nov 23)
- Re: [PEN-TEST] WAP penetration TEST Jim Ovecka (Nov 23)
- Re: [PEN-TEST] WAP penetration TEST Drew Simonis (Nov 23)
- Re: [PEN-TEST] WAP penetration TEST Van der Zanden (Nov 23)
- [PEN-TEST] WAP penetration TEST Roberto Poblete (Nov 23)
- Re: [PEN-TEST] Modem detection without dialing Jason Sheffield (Nov 28)
- Re: [PEN-TEST] Modem detection without dialing Michael Gough (Nov 29)
- Re: [PEN-TEST] Modem detection without dialing Darryl Luff (Nov 22)