|
|
Feel Good About Your Network
|
|
IDsec Limited
31-33 College Road
Harrow, Middlesex
HA1 1EJ
United Kingdom
(Map)
T: 020 8861 2001
F: 020 8861 3433
www.idsec.co.uk
Copyright © 2008
IDsec Ltd
5.08
|
|
|
|
|
|
|
|
|
 |
PhoneSweep is a fully automated modem scanner: it can find unauthorised
dial-ups that may by-pass the corporate firewall and other perimeter
defences.
|
|
|
|
|
PhoneSweep was the first commercial telephone
scanner, designed to help you detect dial-in modems that
can violate your security policy.
Many break-ins in recent years have come not through the
Internet, but through unauthorised dial-up
modems. PhoneSweep lets you find these modems and shut them
down before someone else uses them to break into your
systems.
|
|
|
By repeatedly placing phone calls to every phone number
that your organisation controls, PhoneSweep seeks out and
identifies computers with dial-up modems, including PCs
running remote access programs such as Carbon Copy,
pcANYWHERE, or Windows NT RAS.
It then generates a
comprehensive report detailing which services were
discovered on which dial-up numbers in your organisation.
Many information security professionals are acutely aware
of unauthorised or improperly configured dial-up ports on
networked computers. These dial-ups represent a significant
vulnerability for most medium-to-large organisations. But,
until now, there have been no supported,
professional-quality tools available to audit this aspect
of an organisation's security perimeter. PhoneSweep is an
invaluable tool for computer security professionals,
consulting firms and security officers in large
corporations.
|
|
|
Being a fully supported commercial product,
PhoneSweep is easier and safer to use than “war
diallers” developed by the computer underground.
With PhoneSweep, it's easy to implement a program of
regularly scheduled security audits on your telephone
system and computers attached to it. Each PhoneSweep
calling profile specifies a different set of numbers to
dial and time periods during which each number should be
called. Call-by-call results, including answers by modems
and fax machines, can be viewed in real time and are logged
to an embedded SQL database. Once a scan is complete, the
configurable report generator lets you get right to your
areas of concern.
We also offer the related Sandtrap product which acts as a
“wardialler detector”.
|
|
|
We have been using the PhoneSweep product for our own work since its introduction in
1998, and became the first UK partner for Sandstorm Enterprises.
Some of our customers have a do-it-yourself approach and just want to
buy the product, with some general recommendations on equipment and
use. In other cases, we use PhoneSweep as part of a consultancy
project and all that the customer sees of the product are the
results. In between are those organisations that want us to carry out
a complete modem scanning exercise but to leave them with the means to
carry out their own audits in the future.
|
|
|
Sandstorm Enterprises develops and sells security software, bundled with
specialised hardware or standalone. Based in Boston, Massachusetts,
its products are relied upon by customers in over 35 countries.
|
|
