Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] War Dialers
From: "Teicher, Mark" <mark.teicher () NETWORKICE COM>
Date: Tue, 5 Sep 2000 12:14:17 -0700

On Tue, 5 Sep 2000, Todd Beebe wrote:

Mark,

Yes, but placing a Telewall Firewall in-line with a very busy
PBX (over 8 T-1s) can cause a bottle neck.

I am not sure what you mean by bottleneck.  If you are referring to latency,
the TeleWall doesn't add any measurable latency to the line.  As for
capacity, each of those T1s can handle at most 24 simultaneous calls, and
each T1 TeleWall appliance also can easily handle 24 simultaneous calls.  It
is tested with a load generator which creates a constant stream of short
duration calls (the worst case). If your referring to the management server,
a single TeleWall Management server could handle upwards of 100 fully
utilized appliances.

The bottleneck is if you place the TeleWall in direct (inline) between the
CO and the PBX, there is no latency, but total disconnects.  At a very
large insurance company last winter, we had tried an evaluation box, and
on avg this insurance company gets about 10,000 calls every 5 minutes,
TeleWall was dropping over a quarter of the calls.


This is an extremely bad design for large nationwide insurance companies.

I am not sure what you are referring to in the design, but the architecture
was built to easily scale, and we have national customers who are now
planning the rollout of upto 10,000 appliances for a single enterprise.

The problem is the number of devices, and the application 10,000
applicances for a single enterprise.  What would happen if you were to
propose this type of architecture to a large ISP.. This does not scale.

Thanks.


Todd Beebe, CISSP




-----Original Message-----
From: Teicher, Mark [mailto:mark.teicher () NETWORKICE COM]
Sent: Sunday, September 03, 2000 9:29 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] War Dialers


Yes, but placing a Telewall Firewall in-line with a very busy PBX (over 8
T-1s) can cause a bottle neck.  This is an extremely bad design for large
nationwide insurance companies.  The Telewall Firewall was not successful
at the last place I was consulting at. It is not compatible with the larger
Lucent or WilTel equipment.

/m

At 02:10 PM 9/1/00 -0500, Todd Beebe wrote:
To clarify some information about the SecureLogix products for telephony
security:

TeleSweep Secure Scanner is a distributable dialer/vulnerability scanner
for
remote access servers that has penetration testing capabilities.

TeleWall Firewall is a distributable appliance that connects between a PBX
and the CO and allows administrators to control voice and data traffic
using
a security policy thats very similar to most policy-based ip only
firewalls.
Admins can set policy that allows or terminates traffic based on source,
destination, call type, time of day, etc.  It is PBX independent.

-----Original Message-----
From: Destefano, Robert [mailto:RRD () PARA-PROTECT COM]
Sent: Friday, September 01, 2000 11:29 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] War Dialers


The older version of PhoneSweep wasn't the best in the world
although I haven't gotten around to using the newer version.
In reference to the other new product SecureLogix has.. TeleWall - From all
the tests I have personally seen, it seems to work extremely well not only
from a security standpoint but from a management standpoint as well.  It
acts as a firewall for phone systems from the PBX... It can detect
voice/fax/data
modes and lock certain numbers to only certain means of comms. (ie.. a
voice
only can't have a modem unknowingly connected to it - you have to activate
it on the management console.)

my .02
Rocky



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]