Syrinx Technologies
FOLLOW US
  • Home
  • Company
  • Services
    • Services List
    • Testimonials
  • Blog
  • Publications
    • Podcasts
    • Articles
    • Presentations
  • FAQ
    • FAQ Blog
  • Contact

Q: Does it still make sense to test for dial-in vulnerabilities?

1/7/2013

0 Comments

 
A: Yes. Any method of accessing corporate resources from external sources should be tested. This could include just the known dial-in phone numbers or perhaps the entire DID block of phone numbers allotted to the client. Don't forget about the phone lines connected to your PBX!
0 Comments

Q: What is 'wardialing'?

1/6/2013

0 Comments

 
A: Wardialing is a common term for testing connections to various computing devices over normal phone lines. Many organizations still have phone lines connected to routers, servers, PBX's, etc. for diagnostic and troubleshooting activities. If these connections are not secure they can represent a great threat to your organization.
0 Comments

Q: How is dial-in testing typically performed?

1/5/2013

0 Comments

 
A: Usually, one of two ways. The first method is to only dial the specific numbers that you know are connected to some form of computing device (typically excluding fax machines). The second method involves dialing a block of phone numbers. The goal of the second method is to find "hidden" dial-in access that which IT might not be aware. Blocks of phone numbers can range from several to several thousand.
0 Comments

    Categories

    All
    Applications
    Dial-In
    General Topics
    Pci
    Policies And Procedures
    Social Engineering
    Syrinx Technologies
    Virtualization
    Wireless

    RSS Feed

Powered by Create your own unique website with customizable templates.