[ISN] Wardialer Goes Corporate

From: mea culpa (jerichot_private)
Date: Thu Oct 08 1998 - 11:29:36 PDT

  • Next message: mea culpa: "[ISN] Senate Passed Digital Millenium Copyright ACT"

    Forwarded From: blueskyt_private
    Wardialer Goes Corporate
    by Michael Stutz 
    5:45 p.m.  7.Oct.98.PDT
    Wardialing was made popular in the 1983 film, War Games, but despite the
    Hollywood plug, many corporations are still vulnerable to this kind of
    cracker exploit.
    And now wardialers are on the street.  Sandstorm Enterprises unveiled the
    first commercial wardialer last week. A standard for crackers, the
    software programs dial telephone numbers and search for open connections
    that might serve as entry points to computer or telecommunications
    "[Wardialing] remains one of the best ways to bypass a properly deployed
    firewall," said Brian Martin, senior security engineer for
    penetration-assessment consultants RSI.  "While the media and many
    security companies harp on having expensive and elaborate firewalls,
    admins repeatedly leave unsecured modems behind the firewall -- often
    allowing full access to the corporate Intranet."
    PhoneSweep, available for Microsoft's Windows 95, 98, and NT operating
    systems, is a graphical wardialer that uses a commercial SQL database to
    record the numbers it reaches. Its features include brute-force username
    and password guessing, as well as screening fax-machine detection. It also
    avoids the accidental dialing of 911.
    "It goes far beyond what any wardialer can do,"  said Simson Garfinkel,
    Sandstorm chief financial officer and co-author of the program. Garfinkel
    is a former contributor to HotWired, a division of Wired Digital.
    Most of the current wardialers were written in the 1980s by high school
    students interested in committing toll fraud, said Garfinkel. The more
    recent ones, he added, were built by crackers who wanted to commit
    computer fraud. 
    Martin said that many of PhoneSweep's features -- including fax screening
    and multimodem support -- can be found on some of the free wardialers,
    like ToneLoc. "However, I think this tool might be quite useful," Martin
    said. "Unlike the free tools out there, this one is designed with
    corporate audit specifically in mind -- which is the key."
    Peter Shipley, founder of Berkeley, California-based security consulting
    firm Network Security Associates, has been running a research study on
    wardialing. Shipley said he has dialed about 4.8 million numbers, gaining
    access to systems that controlled a company's Internet connection,
    environment controls for large buildings, and a fire department deployment
    Shipley said that password guessing is only good if the program can
    automatically determine the kind of system it is running -- a feature that
    no wardialer has.
    Martin added that nothing beats interacting with a found system hands-on. 
    "If I was a security-savvy admin, it would be trivial to fool this program
    into thinking my system was something else," Martin said.
    PhoneSweep Basic, which costs US$980, controls one modem and holds 300
    numbers in a scanning profile. PhoneSweep Plus, for $2,800, can control
    four modems simultaneously and holds 10,000 numbers
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:07:00 PDT