Penetration Testing mailing list archives

Re: FW: RE Modem identification

From: Bikar Dude <bika () nuclear biodome org>
Date: Sat, 22 Sep 2001 18:17:53 -0400 (EDT)

Regardless of TeleSweep or PhoneSweep it is an ASCII text
banner match issue.  In our tests the jury is still out but
I would tend to agree with Nate that PhoneSweep might be
doing a better job of classifying the modems that were found
than TeleSweep as of late; most recent release against most
recent release.  Run your own drag race and see.

Would be curious to see results of this, too.

I looked @ wardialers about a month back went with TeleSweep. Be sure to
check out compatible & suggested modem lists from a product before
choosing. I went with a suggested 6 modem internal PCI card - physical
footprint and wiring logistics for 6 modems didn't sound fun nor did
messing with a PRI & Ascend Max. 6 lines @ 50 seconds/call ~= 450 call/hr
or 10k in 3 evenings. Performance junkies: larger weapons available at:
http://www.empirix.com/empirix/voice+network+test/products/telephony+performance+test.html

Some bad points about Telesweep:

Missed an AS/400. Someone else said this was 3270/3278 emulation
which Telesweep doesn't have a signature for (?).

It dropped a few numbers in a simple 1000 number range (always check your
results!)

Some good points for Telesweep:

Pretty inexpensive - $1k software + $700 hardware. I can't
imagine most of us needing a distributed, enterprise enabled,
ODBC backended, client server _war dialer_.

//* ObHacker: Pick any 6 unix utilities and write a complete war-dialer.
ObHacker++: Try to reduce the total number of letters in the 6 commands to
less than 20. *//

Simple (good) reports. HTML tables were handy for some things but I mostly
just used the .CSV which is generated at scan time. Also very handy were
the transaction logs - ASCII & hex dump of all modem calls. In a few cases
just by reading this I was able to identify systems pretty easily without
actually dialing them again.

-b

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

RE Modem identification Nate . King (Sep 21)
- <Possible follow-ups>
- FW: RE Modem identification Stephan Barnes (Sep 22)
  - Re: FW: RE Modem identification Bikar Dude (Sep 23)
- RE: FW: RE Modem identification Stephan Barnes (Sep 25)
- RE: FW: RE Modem identification Dawes, Rogan (ZA - Johannesburg) (Sep 25)
  - Re: FW: RE Modem identification olle (Sep 26)
  - Re: FW: RE Modem identification Pawel Krawczyk (Sep 26)