September 3rd, 2002, 02:17 AM
War dialing -- hacker techniques
Full article can be found here
In today's ubiquitous networking environment, threats come in all shapes and sizes. And security analysts would like to believe that with a firewall in place, you are safe from network and systems exploitation. This just isn't so. In this article, I will look at one particularly popular attack: war dialing. A war dialing attack is malicious in intent and is a form of penetration into an organization's network designed to elude firewalls and intrusion detection systems (IDS). War dialing attacks involve attempts at gaining access to an organization's internal computing and networking resources via dial-in access. In layman's terms, the attacker dials a number inside an organization's network to connect to systems behind the organization's firewall or perimeter defenses. This article looks at the most common form of network penetration testing used by both hackers and security auditors today. It then examines exactly what needs to be secured to prevent a war-dialing attack and how to implement it. This article also describes two methods organizations can employ to reduce their exposure to this kind of attack.
September 3rd, 2002, 03:55 AM
War dialing is hardly ever used anymore, though. It stopped working most of the time a while back. Now, though, there are WiFi networks and people can go around and almost do the same thing, but instead of dialing in all they have to do is find the right frequency and voilà, they can intercept packets and whatnot. Yeah, sure, they use 64-bit encryption sometimes, but that is easily cracked if they use the default algorithms (by exploits usually not patched by lazy admins). Just figured I'd throw in this little bit of info for the other readers.
September 3rd, 2002, 04:15 AM
Yeah, I remember reading a thread on Ao a while back about how they were using Pringles tins as boosters for intercepting the signals - something to do with the foil-lined insides
and no, I am not making this up
Don't think I will ever trust wireless networks.....then again I don't really trust the security of any network, damn, it's hard work being paranoid......or maybe I am just realistic(!?)
September 3rd, 2002, 04:37 AM
Thanks for the post, sumdumguy. I remember reading an article some time ago saying that Sun would fire any employee caught with a modem connected to their workstation.
Although the hacking technique of Wardialling may not be greatly used, and possibly considered old fashioned, I think one could safely assume that there are more companies out there with modems on their internal network than companies with Wireless Infrastructure.
First rule in being a security professional is that "security by obscurity" is not a mitigation strategy.
I would recommend anyone to remove all modems off their network, and if they are essential in day to day operations, ensure that they are locked down sufficiently (auto-answer off, locking down dial-out capabilities to 1 phone number etc...).
Remember, that you are only as secure as your weakest link!!!
September 3rd, 2002, 07:17 AM
Only very few companies use dial in on their comps.!
September 3rd, 2002, 07:54 AM
Well, I can tell you this. I just started in my company's Security Dept., and I have found that our dialup access points are not secured all too well. I have found that it is not too hard to find a box with a modem attached and PC Anywhere waiting with absolutely no password security. Oh, and don't let the screen not be locked for some reason - then it's open season on the box if someone discovers the dialup number some way. I am trying to get a handle on the analog lines we have attached to servers for remote support. It's definitely a bear! I don't know if war dialers are in use much, but I am sure that there are very many networks that are vulnerable to this type of attack. It's so easy to get information about a company off the web or by social engineering, or whatever means the attacker wants to use. I am quickly finding that modems attached to machines are one of a Security Admin's worst nightmares. I have read articles on how entire networks have been monopolized all starting from an unsecured box with a modem.
September 3rd, 2002, 05:57 PM
You're welcome, SoggyBottom..
And retoor.. I have to disagree.. many companies still have dialup access; that's my only access through to my company as I'm a remote user.
But what most companies use these days is a VPN connection with something like RSA's SecurID validation (t2k2.. you might check into that)
September 3rd, 2002, 06:43 PM
I work at AZ DOT and they have modems on many computers. The network admins don't really even know they are there; they are used to access a paging system.
So they are out there still.
September 3rd, 2002, 06:55 PM
Yeah sumdum, we are using the RSA SecurID setup for dialup and VPN - it works great, but these boxes are accessed by dialing into them using PC Anywhere. We may look at setting up SecurID on these as well.