Re: [PEN-TEST] War Dialers

["Teicher, Mark" <mark.teicher () NETWORKICE COM>]

On Tue, 5 Sep 2000, Todd Beebe wrote:

> Mark,
>
> > > Yes, but placing a Telewall Firewall in-line with a very busy
> > > PBX (over 8 T-1s) can cause a bottle neck.
>
> I am not sure what you mean by bottleneck.  If you are referring to latency,
> the TeleWall doesn't add any measurable latency to the line.  As for
> capacity, each of those T1s can handle at most 24 simultaneous calls, and
> each T1 TeleWall appliance also can easily handle 24 simultaneous calls.  It
> is tested with a load generator which creates a constant stream of short
> duration calls (the worst case). If your referring to the management server,
> a single TeleWall Management server could handle upwards of 100 fully
> utilized appliances.

The bottleneck is if you place the TeleWall in direct (inline) between the
CO and the PBX, there is no latency, but total disconnects.  At a very
large insurance company last winter, we had tried an evaluation box, and
on avg this insurance company gets about 10,000 calls every 5 minutes,
TeleWall was dropping over a quarter of the calls.

> > > This is an extremely bad design for large nationwide insurance companies.
>
> I am not sure what you are referring to in the design, but the architecture
> was built to easily scale, and we have national customers who are now
> planning the rollout of upto 10,000 appliances for a single enterprise.
The problem is the number of devices, and the application 10,000
applicances for a single enterprise.  What would happen if you were to
propose this type of architecture to a large ISP.. This does not scale.

> Thanks.
>
>
> Todd Beebe, CISSP
>
>
>
>
> -----Original Message-----
> From: Teicher, Mark [mailto:mark.teicher () NETWORKICE COM]
> Sent: Sunday, September 03, 2000 9:29 AM
> To: PEN-TEST () SECURITYFOCUS COM
> Subject: Re: [PEN-TEST] War Dialers
>
>
> Yes, but placing a Telewall Firewall in-line with a very busy PBX (over 8
> T-1s) can cause a bottle neck.  This is an extremely bad design for large
> nationwide insurance companies.  The Telewall Firewall was not successful
> at the last place I was consulting at. It is not compatible with the larger
> Lucent or WilTel equipment.
>
> /m
>
> At 02:10 PM 9/1/00 -0500, Todd Beebe wrote:
> > To clarify some information about the SecureLogix products for telephony
> > security:
> >
> > TeleSweep Secure Scanner is a distributable dialer/vulnerability scanner
> for
> > remote access servers that has penetration testing capabilities.
> >
> > TeleWall Firewall is a distributable appliance that connects between a PBX
> > and the CO and allows administrators to control voice and data traffic
> using
> > a security policy thats very similar to most policy-based ip only
> firewalls.
> > Admins can set policy that allows or terminates traffic based on source,
> > destination, call type, time of day, etc.  It is PBX independent.
> >
> > -----Original Message-----
> > From: Destefano, Robert [mailto:RRD () PARA-PROTECT COM]
> > Sent: Friday, September 01, 2000 11:29 AM
> > To: PEN-TEST () SECURITYFOCUS COM
> > Subject: Re: [PEN-TEST] War Dialers
> >
> >
> > The older version of PhoneSweep wasn't the best in the world
> > although I haven't gotten around to using the newer version.
> > In reference to the other new product SecureLogix has.. TeleWall - From all
> > the tests I have personally seen, it seems to work extremely well not only
> > from a security standpoint but from a management standpoint as well.  It
> > acts as a firewall for phone systems from the PBX... It can detect
> > voice/fax/data
> > modes and lock certain numbers to only certain means of comms. (ie.. a
> voice
> > only can't have a modem unknowingly connected to it - you have to activate
> > it on the management console.)
> >
> > my .02
> > Rocky