User manual

2.4.2 MySQL 3.23.0 Limits on Profile Size, Number of Profiles
The MySQL database that PhoneSweep uses allows you to have a large number of profiles of varying size
(up to 50,000,000 records for MySQL version 3.23.0). Please note: Sandstorm does not guarantee
satisfactory results with large numbers of profiles, or with profiles of more than 10,000 numbers for
PhoneSweep Plus and Plus 8 or more than 20,000 numbers for Plus 12 and 16.
Scans on profiles that contain more than the recommended number of phone numbers may suffer from
performance problems, particularly on slower PCs. Large profiles are also harder to recreate should they
become damaged during a system crash or power outage. We recommend that you always save copies of
your Profiles (Profile folders located in the folder named “Profiles” in the PhoneSweep directory) in a
separate location and use the best processing power available.
For more information about configuring and managing profiles, please see Setting Up And Managing
Calling Profiles in section 4.1.
2.5 Dialing Rules
Persons conducting telephone system security audits for an organization have a responsibility to minimize
any inconvenience to members of the organization. To this end, PhoneSweep implements dialing rules
that specify PhoneSweep’s calling behavior such that the scan will have minimal impact on your
organization's operations. Dialing rules control the order, time, and frequency of calls.
PhoneSweep can be instructed to:
- Not make any calls during a specified interval. For example, in some organizations, calls placed after hours to any number in the organization may be routed to a single point, such as a security desk. Obviously, it is both uninformative and damaging to make calls during such an interval.
- Call a specified number or group of numbers only during certain intervals. Telephone security auditors will want to schedule sweeps for times when they will be minimally disruptive. For example, someone conducting a sweep of university phone numbers may want to dial numbers that reach student dorms during the day and numbers that reach labs and offices during the evening.
- Only call a given number a limited number of times per day. This can be used to minimize disruption, and is especially important when running PhoneSweep at the Penetrate level of effort.
- Stop retrying busy numbers after a specified number of calls.
- Call numbers either in sequence or randomly.
- Wait a specified amount of time between calls. (Note: Never go below 5 seconds between calls, as it does not allow modems enough time to reset to make the next call.)
- Stop brute-force username/password guessing attempts after a specified number of tries. Some computer systems will lock a user out of his or her account if too many unsuccessful login attempts are recorded.
More detailed information on how to take advantage of PhoneSweep’s implementation of dialing rules
appears in the appropriate sections of this manual.
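The scheduling rules above can be read as a gate that every planned call must pass. The following is an added illustration, not PhoneSweep code or its configuration format: the names DialingRules, History, may_call and record are hypothetical, and it models only the interval, per-day, busy-retry and delay rules.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

MIN_DELAY = timedelta(seconds=5)  # floor between calls stated in the manual

def in_window(t, start, end):
    """True if time-of-day t is in [start, end); a window may wrap past midnight."""
    return start <= t < end if start <= end else (t >= start or t < end)

@dataclass
class DialingRules:  # hypothetical structure, not PhoneSweep's own format
    blackout: list            # [(start, end)] intervals in which no calls are made
    allowed: dict             # number prefix -> (start, end) calling window
    max_calls_per_day: int    # per-number daily limit
    max_busy_retries: int     # busy results tolerated before giving up
    delay: timedelta = MIN_DELAY
    def __post_init__(self):
        if self.delay < MIN_DELAY:
            raise ValueError("delay between calls must be at least 5 seconds")

@dataclass
class History:
    last_call: datetime = None
    calls: dict = field(default_factory=dict)  # (number, date) -> calls placed
    busy: dict = field(default_factory=dict)   # number -> busy results so far

def may_call(rules, hist, number, now):
    """Return (allowed, reason) for placing a call to number at time now."""
    tod = now.time()
    if any(in_window(tod, s, e) for s, e in rules.blackout):
        return False, "blackout interval"
    for prefix, (s, e) in rules.allowed.items():
        if number.startswith(prefix) and not in_window(tod, s, e):
            return False, "outside window for " + prefix
    if hist.calls.get((number, now.date()), 0) >= rules.max_calls_per_day:
        return False, "daily call limit reached"
    if hist.busy.get(number, 0) >= rules.max_busy_retries:
        return False, "busy retry limit reached"
    if hist.last_call and now - hist.last_call < rules.delay:
        return False, "too soon after previous call"
    return True, "ok"

def record(hist, number, now, busy=False):
    """Update the history after a call has been placed."""
    hist.last_call = now
    key = (number, now.date())
    hist.calls[key] = hist.calls.get(key, 0) + 1
    if busy:
        hist.busy[number] = hist.busy.get(number, 0) + 1
```

The per-day counter is keyed by date and so resets at midnight, while the busy-retry counter persists for the whole sweep.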
2.6 Levels of Effort
You can specify the amount of information that PhoneSweep collects about the devices it encounters
during a sweep by setting PhoneSweep to sweep at one of three Levels of Effort on the options Setup-