RE: Security Posture Assessment

From: Robert Masse (rmasse@gosecure.ca)
Date: Sun Nov 16 2003 - 08:42:21 EST


Some thoughts:
 
It all depends on the volume.
 
We recently completed a war dial of 30,000 numbers and let me tell you
that this is not a technology issue but a project management issue.
 
- Profiles are 10K maximum in PhoneSweep
- 10 different time zones to deal with
- Each time zone/profile has different start/stop times (business hours, off hours, weekends, etc.)
- Make sure you have some sort of quality control to check every XX numbers
- The 'automatic system recognition' isn't perfect, so you need to do follow-ups
 
So if you need to test 1000 numbers any open source/free product will
do. But for any type of industrial work you will need Phonesweep. If
this is your business, it's a simple investment that should pay itself
off quickly. For many of our general IT audits we include a modem
sweep.
 
Rob
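The constraints Rob lists (a per-profile cap, a different dial window per time zone, a QC sample every XX numbers, and follow-up on what automatic recognition misses) as a small scheduling helper, added here as an example and not code from the post or from PhoneSweep. The area-code table, the standard-time UTC offsets and the 18:00 off-hours window are constructed sample values.

```python
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

PROFILE_CAP = 10_000  # per-profile limit the post gives for PhoneSweep
# Constructed sample table: area code -> (zone label, standard-time UTC offset).
AREA_CODE_ZONE = {
    "212": ("US/Eastern", -5), "312": ("US/Central", -6),
    "303": ("US/Mountain", -7), "415": ("US/Pacific", -8),
}
# Constructed off-hours window in local time: dial from 18:00 for 12 hours.
WINDOW_START_HOUR, WINDOW_HOURS = 18, 12

@dataclass
class Profile:
    zone: str
    utc_offset: Optional[int]
    numbers: list = field(default_factory=list)

    def window_utc(self, year, month, day):
        """Local dial window for the given date, as a pair of UTC ISO timestamps."""
        if self.utc_offset is None:
            raise ValueError("resolve the area code before scheduling this profile")
        tz = timezone(timedelta(hours=self.utc_offset))
        start = datetime(year, month, day, WINDOW_START_HOUR, tzinfo=tz)
        stop = start + timedelta(hours=WINDOW_HOURS)
        return (start.astimezone(timezone.utc).isoformat(),
                stop.astimezone(timezone.utc).isoformat())

def zone_for(number):
    digits = "".join(ch for ch in number if ch.isdigit())
    npa = digits[-10:-7]  # NANP: area code is the first 3 of the last 10 digits
    return AREA_CODE_ZONE.get(npa, ("UNKNOWN", None))

def build_profiles(numbers, cap=PROFILE_CAP):
    """Group by zone, then split each zone into chunks of at most cap numbers."""
    by_zone = defaultdict(list)
    for n in numbers:
        by_zone[zone_for(n)].append(n)  # unmapped area codes go to UNKNOWN
    profiles = []
    for (zone, offset), nums in sorted(by_zone.items(), key=lambda kv: kv[0][0]):
        for i in range(0, len(nums), cap):
            profiles.append(Profile(zone, offset, nums[i:i + cap]))
    return profiles

def qc_sample(profile, every=50):
    """Every Nth number is re-checked by hand; automatic recognition is imperfect."""
    return profile.numbers[every - 1::every]
```

An UNKNOWN profile cannot be given a window and so cannot be scheduled until someone resolves its area codes by hand, which keeps unmapped numbers from being dialled in the wrong hours.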
 
-----Original Message-----
From: William J. Craig [mailto:wjcraig@netteksecure.com]
Sent: November 13, 2003 8:51 AM
To: Bob; pen-test@securityfocus.com
Subject: RE: Security Posture Assessment
 
ToneLoc will run on COM port 1 or 2 with any of the US Robotics modems.
However, PhoneSweep is the best risk assessment tool for war dialing. It
has built-in brute forcing and reporting.
        -----Original Message-----
        From: Bob
        Sent: Sun 11/9/2003 9:33 PM
        To: pen-test@securityfocus.com
        Cc:
        Subject: Security Posture Assessment

        I am looking for input from folks who have performed security
        posture assessments as to the best free alternative to PhoneSweep. I
        have heard good things about ToneLoc, but have been unsuccessful at
        getting it to initialize any of the five modems I have attempted. The
        basic configuration seems to be no more complicated than a COM port and
        an IRQ setting, so please let me know if you think there is something I
        am missing. If you have gotten it to work, what do you think is the best
        modem for ToneLoc?
------------------------------------------------------------------------

---
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_pen-test_031023
and use priority code SF4.
------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:42 EDT