Penetration Testing mailing list archives
Re: [PEN-TEST] War Dialers
From: "Teicher, Mark" <mark.teicher () NETWORKICE COM>
Date: Tue, 5 Sep 2000 12:14:17 -0700
On Tue, 5 Sep 2000, Todd Beebe wrote:
Mark,Yes, but placing a Telewall Firewall in-line with a very busy PBX (over 8 T-1s) can cause a bottle neck.I am not sure what you mean by bottleneck. If you are referring to latency, the TeleWall doesn't add any measurable latency to the line. As for capacity, each of those T1s can handle at most 24 simultaneous calls, and each T1 TeleWall appliance also can easily handle 24 simultaneous calls. It is tested with a load generator which creates a constant stream of short duration calls (the worst case). If your referring to the management server, a single TeleWall Management server could handle upwards of 100 fully utilized appliances.
The bottleneck is if you place the TeleWall in direct (inline) between the CO and the PBX, there is no latency, but total disconnects. At a very large insurance company last winter, we had tried an evaluation box, and on avg this insurance company gets about 10,000 calls every 5 minutes, TeleWall was dropping over a quarter of the calls.
This is an extremely bad design for large nationwide insurance companies.I am not sure what you are referring to in the design, but the architecture was built to easily scale, and we have national customers who are now planning the rollout of upto 10,000 appliances for a single enterprise.
The problem is the number of devices, and the application 10,000 applicances for a single enterprise. What would happen if you were to propose this type of architecture to a large ISP.. This does not scale.
Thanks. Todd Beebe, CISSP -----Original Message----- From: Teicher, Mark [mailto:mark.teicher () NETWORKICE COM] Sent: Sunday, September 03, 2000 9:29 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] War Dialers Yes, but placing a Telewall Firewall in-line with a very busy PBX (over 8 T-1s) can cause a bottle neck. This is an extremely bad design for large nationwide insurance companies. The Telewall Firewall was not successful at the last place I was consulting at. It is not compatible with the larger Lucent or WilTel equipment. /m At 02:10 PM 9/1/00 -0500, Todd Beebe wrote:To clarify some information about the SecureLogix products for telephony security: TeleSweep Secure Scanner is a distributable dialer/vulnerability scannerforremote access servers that has penetration testing capabilities. TeleWall Firewall is a distributable appliance that connects between a PBX and the CO and allows administrators to control voice and data trafficusinga security policy thats very similar to most policy-based ip onlyfirewalls.Admins can set policy that allows or terminates traffic based on source, destination, call type, time of day, etc. It is PBX independent. -----Original Message----- From: Destefano, Robert [mailto:RRD () PARA-PROTECT COM] Sent: Friday, September 01, 2000 11:29 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] War Dialers The older version of PhoneSweep wasn't the best in the world although I haven't gotten around to using the newer version. In reference to the other new product SecureLogix has.. TeleWall - From all the tests I have personally seen, it seems to work extremely well not only from a security standpoint but from a management standpoint as well. It acts as a firewall for phone systems from the PBX... It can detect voice/fax/data modes and lock certain numbers to only certain means of comms. (ie.. avoiceonly can't have a modem unknowingly connected to it - you have to activate it on the management console.) my .02 Rocky
Current thread:
- Re: [PEN-TEST] War Dialers, (continued)
- Re: [PEN-TEST] War Dialers Teicher, Mark (Sep 03)
- Re: [PEN-TEST] War Dialers Laumann, Dave (Sep 02)
- Re: [PEN-TEST] War Dialers Todd Beebe (Sep 03)
- Re: [PEN-TEST] War Dialers Kurt Buff (Sep 03)
- Re: [PEN-TEST] War Dialers Teicher, Mark (Sep 05)
- Re: [PEN-TEST] War Dialers Todd Beebe (Sep 03)
- Re: [PEN-TEST] War Dialers Batten, Gerald (Sep 05)
- Re: [PEN-TEST] War Dialers iNature - David Martin (Sep 05)
- Re: [PEN-TEST] War Dialers Todd Beebe (Sep 05)
- Re: [PEN-TEST] War Dialers Todd Beebe (Sep 05)
- Re: [PEN-TEST] War Dialers Teicher, Mark (Sep 05)
- Re: [PEN-TEST] War Dialers Batten, Gerald (Sep 05)
- Re: [PEN-TEST] War Dialers O'Grady, Michael (Sep 05)
- Re: [PEN-TEST] War Dialers Todd Beebe (Sep 05)