Hackers rediscover war dialling
Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Hackers rediscover war dialling

  1. #1
    Senior Member
    Join Date
    May 2003
    Posts
    472

    Hackers rediscover war dialling

    Unsecured modems offer easy access to corporate systems.

    Hackers are again using war dialling to break into corporate networks, security experts have warned.
    NTA Monitor said that companies are not taking sufficient precautions against war dialling, which involves scanning telephone lines to find unsecured modems and create backdoors into corporate networks.

    The practice emerged as an issue in the early 1980s but, while most companies have forgotten about it, hackers are now reacting to increased security in corporate networks.

    A survey conducted by NTA Monitor between August and September showed that the issue had been widely overlooked, with 22 per cent having no knowledge of the hacking method.

    Almost a quarter of respondents admitted that there are unauthorised modems attached to their systems, with as many as 20 rogue modems present at one site.

    Over a third of organisations had found unauthorised modems in the past, but 68 per cent had no controls in place to detect modem scanning attempts on their systems.

    This means those companies have no way of knowing whether they have been attacked or whether they have unsecured modems attached to their systems.

    Four out of five firms had never conducted a third-party war dialling test run against their systems.

    On average, modems are found in 0.75 per cent of a corporate's telephone number range, so a mid-sized company with 10,000 numbers will typically contain 75 modems.

    "This should cause major concern, as it only takes one unsecured modem to permit a hacker to gain access to an organisation's systems," said NTA Monitor's technical director Roy Hills.

    "Imagine the situation for a company with 5,000 extensions over 20 sites. How can it ever be sure that no rogue modems are attached to any of those lines, without testing them?"


    Source : http://www.vnunet.com/News/1144060
    guru@linux:~> who I grep -i blonde I talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;

  2. #2
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    wow, that brings back memories of boxes, laptops and many a sleepless night
    yeah, I\'m gonna need that by friday...

  3. #3
    Member
    Join Date
    Jun 2003
    Posts
    42
    I guess what they say about history repeating itself is true.

  4. #4
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    This has never really died out. I think they are just bringing it to the front of everyone's brain again so that people do not forget to audit for modems as well.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  5. #5
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    332
    Originally posted here by Juridian
    This has never really died out. I think they are just bringing it to the front of everyone's brain again so that people do not forget to audit for modems as well.
    I think I'd have to agree with you here.

    It never really went anywhere. Yet it is still a very valid point of entry.

    Sometimes the hardest things to see, are those that you have already grown past. Never forget your roots. They are the reason you are, who you are.

    No real point in locking the doors, if you are just gonna leave the windows unlocked.
    Your heart was talking, not your mind.
    -Tiger Shark

  6. #6
    Banned
    Join Date
    May 2003
    Posts
    23


    Brisbane Broncos captain Gorden Tallis said he had relinquished the greatest honour in rugby league by announcing his retirement from all representative football.

    Tallis was set to lead Australia on the Kangaroo tour of Great Britain and France next month but said his body had "sort of fallen apart" and could no longer handle the rigours of top-level football.

  7. #7
    Junior Member
    Join Date
    Oct 2003
    Posts
    21
    Those who do not learn from histroy are doomed to repeat it.
    ~George Santayana
    Malefactoris vester ante accedo...
    ~Arcani

  8. #8
    Banned
    Join Date
    Oct 2002
    Posts
    133
    I really had'nt thought about war dialing since prolly 96 when my friend used to "do it" though he never really succeded I don't think. I agree and think its should be an issue becuase a whole bunch of users are still on dialup........ WTF with the big red letters FAQ, football???

  9. #9
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    It's not just the users that are on dialup. Alot of companies have people who put unauthorized (and some are authorized) modems into their machines and hook em up to phone lines. They think it will be easier for them to have remote access this way instead of going through the proper channels....though it also gives the attackers another point of entry.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  10. #10
    Senior Member
    Join Date
    Aug 2003
    Posts
    224

    Thumbs up

    Right on with the roots theory.
    I belive that war dialing has always been in effect, althought using as a method of access may have decreased in priority recently as Broadband has become readily and cheaply available. However, the focus on making such a creature of necessary evil secure has left the security of modems under a layer of dust. The statistics are amazing. It would probably not be a bad idea to know at all times how many modems are in your data center. (Don't forget to look under that raised floor)
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •