RE: Modem detection in a LAN

From: Jacek Lipkowski (sq5bpf@acid.ch.pw.edu.pl)
Date: 03/11/02


Date: Mon, 11 Mar 2002 07:30:05 +0100 (CET)
From: Jacek Lipkowski <sq5bpf@acid.ch.pw.edu.pl>
To: pen-test@securityfocus.com

On Sun, 10 Mar 2002, Steve wrote:

> If you are internal to the LAN -- for the Windows boxes why not look for
> the specific drivers -- you can do this with very easy with a perl
> script -- of course you are going to need an account that has admin
> across the network. If you don't need to identify the exact brand of

*if* you have the account :) if you work at a university or any other
network without a strict security policy.

> All of this of course is kind of unnecessary as War Dialing is going to
> be more reliable (read: less false positives) for you, I have seen boxes
> with the associated drivers installed and no modem actually installed.

i don't know about windows dialups, but under unix you may have to call
the box two times in a short period, as the first ring will only activate
the dialup (see the mgetty(8) -R flag). this feature is used alot on
"illegal" modems, so after all war dialing is not that reliable. there
might be a similar feature in windows (although i'm not aware of it).

jacek

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/