User manual

ManualsBrandsMultitech ManualsComputer equipmentMultiModem V.90/K56FLEX MT5600ZDX

111

112

113

114

115

116

117

118

119

120

118

How can I increase my chances of detecting rogue modems that the user has attempted to hide?

To catch rogue modems that are only turned on part of the day, enable the Dial During Each Time

Period option when adding phone numbers to the profile. To find modems that have been set to pick up

after an abnormally long number of rings, increase the Timeout or Ring Timeout as appropriate on the

Dialing sub-tab.

How do I make sure unauthorized modems have been removed?

Do another sweep on the same numbers with the Rescan button.

What if voice mail picks up first on a line that has an unauthorized modem on it?

If voicemail always picks up before the modem, the modem is not vulnerable to attack. If you are

concerned that voicemail is only picking up part of the time, you can schedule calls to that particular

number during different parts of the day by specifying Dial During Each Time Period when adding these

numbers to the profile.

Will a remote modem configured for dial-out only be classified as Timeout?

Yes.

When won’t PhoneSweep attempt to Bruteforce (Penetrate) a System?

PhoneSweep will not attempt to Bruteforce Callback systems that accept ASCII text, nor will it attempt to

bruteforce unknown systems that do not have recognized username or password request. If you feel that

PhoneSweep should be able to penetrate a given system, please generate a Report with Appendix A and

then contact Sandstorm Technical Support.

Evaluating Security Risks

How is toll fraud committed? How can PhoneSweep help me detect toll fraud?

Unethical persons can dial into an organization’s PBX and use internal toll-access numbers to make long-

distance calls that are billed to the organization. PhoneSweep helps you guard against this situation by

detecting second dial tones.

Do second dial tones pose any security threat?

Yes. An unexpected second dial tone may be vulnerable to toll fraud, if it can be accessed from outside

the organization.

Other than actual lines in use, what might Busy numbers indicate?

A busy phone number may be an incorrectly configured line that gives a fast busy tone. If all numbers in

a profile are reported as busy, PhoneSweep may be having a problem dialing out. See Appendix C:

PhoneSweep Troubleshooting Guide.

Do fax machines pose a security risk?

Yes. A person allocated a line for a personal fax machine may decide to attach a modem to it, without

asking for authorization or properly securing the machine.

Do fax/modems pose a security risk?

Yes. It is possible that a fax/modem may pose more of a risk than a data-only modem. Users may not

realize the necessity of securing a fax/modem.