Comprehensive security coverage in organizations involves proactively searching out and closing the myriad security holes and vulnerabilities that exist in the network. While firewalls, IDSs and various security monitoring tools are commonly used by organizations to weed out security risks, sufficient attention is often not given to threats that bypass typical entry points and use alternate intrusion routes, such as telephone lines. Inspite of the rapid replacement by internet, analog modems are still in use by various organizations for equipment administration, remote connections etc.
Security breaches via these rogue modems can cause excessive losses to a company in terms of lost assets, leaked information, stolen intellectual property, and embarrassing press coverage. But these threats can be mitigated by putting a strong security audit policy in place that includes auditing for unsecured modems. NIKSUN’s PhoneSweep is a security audit tool that surveys the network for modems, faxes and other devices that can use telephone lines as an entry point into the network and shut them down before they can be exploited by malicious attackers. It identifies over 470 systems and classifies them as Phones, Faxes or Modems. The scans can be conducted in connect, identify or penetrate modes to vary the speed of scanning. The Single Call Detect feature improves the speed and accuracy of telephone scanning by evaluating the result of each call as it is made and modifying its behavior to eliminate the need for a second call to the device. PhoneSweep minimizes inconvenience to users by specifying the times at which calls should be made. Customizable reporting capabilities assist in highlighting problems, vulnerabilities and anomalies in the network.