Home page logo

pen-test logo Penetration Testing mailing list archives

RE: Modem detection in a LAN
From: Jacek Lipkowski <sq5bpf () acid ch pw edu pl>
Date: Mon, 11 Mar 2002 07:30:05 +0100 (CET)

On Sun, 10 Mar 2002, Steve wrote:

If you are internal to the LAN -- for the Windows boxes why not look for
the specific drivers -- you can do this with very easy with a perl
script -- of course you are going to need an account that has admin
across the network.  If you don't need to identify the exact brand of

*if* you have the account :) if you work at a university or any other
network without a strict security policy. 

All of this of course is kind of unnecessary as War Dialing is going to
be more reliable (read: less false positives) for you, I have seen boxes
with the associated drivers installed and no modem actually installed.

i don't know about windows dialups, but under unix you may have to call
the box two times in a short period, as the first ring will only activate
the dialup (see the mgetty(8) -R flag). this feature is used alot on
"illegal" modems, so after all war dialing is not that reliable. there
might be a similar feature in windows (although i'm not aware of it).


This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]