War dialing

Thursday, 22 August 2002, 3:54 AM EST

In today's ubiquitous networking environment, threats come in all shapes and sizes. And security analysts would like to believe that with a firewall in place, you are safe from network and systems exploitation. This just isn't so. In this article, I will look at one particularly popular attack: war dialing. A war dialing attack is malicious in intent and is a form of penetration into an organization's network designed to elude firewalls and intrusion detection systems (IDS). War dialing attacks involve attempts at gaining access to an organization's internal computing and networking resources via dial-in access. In laymen's terms, the attacker dials a number inside an organization's network to connect to systems behind the organization's firewall or perimeter defenses. This article looks at the most common form of network penetration testing used by both hackers and security auditors today. It then examines exactly what needs to be secured to prevent a war-dialing attack and how to implement it. This article also describes two methods organizations can employ to reduce their exposure to this kind of attack.

[ Read more ]


Infosec management strategies and the modern CTO

Posted on 21 January 2015.  |  Brandon Hoffman, Lumeta's CTO, talks about the management strategies that are essential in the information security industry. He also offers advice to those stepping into the CTO role for the first time, and talks about the evolution of network situational awareness.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jan 23rd