User manual

1 Introduction
Welcome to PhoneSweep!
PhoneSweep® is a telephone system security audit tool that searches for modems, fax machines, and other
devices within a set of phone numbers. PhoneSweep can identify security risks such as unsecured
modems and potential vulnerability to toll fraud.
1.1 Why Worry About Unsecured Modems?
The presence of unsecured or misconfigured modems attached to computers on your network can
undermine a well-thought-out security plan. Persons unaware of the risks may set up modems on their
computers that can be accessed with either no password or an easily guessed password. These modems
are then vulnerable to computer criminals who “war dial,” or call numbers systematically until they find a
phone number that connects to an unsecured dialup.
If a computer with an unsecured modem is connected to your organization’s network, anyone with a little
computer skill and malicious intent can use that unsecured modem as a “back door” into your network.
Firewalls don’t protect a network against this type of attack because the intruder comes in over phone
lines, rather than over the Internet, bypassing firewalls.
Obviously, it is in your and your organization’s best interest to use PhoneSweep to find rogue modems
and shut them down before an attacker finds them.
1.2 PhoneSweep: A Better Telephone Line Scanner
Before the introduction of PhoneSweep, there were no reliable tools for conducting security audits of
telephone systems. Security professionals who wanted to find unsecured modems had to resort to using
“war dialers,” publicly available programs written by amateur programmers and designed to commit
illegal acts. These tools are generally unsupported, difficult to use, and have limited reporting capabilities.
Many, such as ToneLoc, work only under DOS. Furthermore, freeware dialers may contain
undocumented “features” such as viruses or “back doors.” Do you really want to trust your network
security to the product of an anonymous amateur programmer whose intent was toll fraud?
PhoneSweep was designed and written specifically as a security audit tool by an experienced team of
engineers and security professionals. PhoneSweep is designed to be easy to use, flexible, and powerful.
PhoneSweep:
- Runs on industry-standard Windows 95, 98, NT, 2000 and XP platforms.
- Has an intuitive, easy-to-use graphical user interface.
- Is capable of brute-force user name/password guessing (penetration testing) against many of the systems it encounters, including PPP systems.
- Produces detailed, customizable reports.
- Comes in versions that can dial with one, four or eight modems.
- Allows you to Stop and Restart scans on each profile without losing data.