Penetration Testing mailing list archives
Re: [PEN-TEST] PBX Security
From: David Spinks <david.spinks () dspinks41 freeserve co uk>
Date: Wed, 4 Oct 2000 17:01:43 +0100
Dear Joe Please excuse my direct post as I've yet to have any message approved by the moderator. We (AEA Technology plc in the UK) undertaken a number of PABX security reviews. Many of the most business sensitive voice systems are those supporting the 999 (911) services in the UK. Reliability is a key requirement here we use a methodology developed out of the safety sector called FMEA (failure modes and effects analysis) gives the analyst a chance of identifying common mode and common cause failure modes in complex networks. In terms of intrusion detection and monitoring most vendors will have advanced tools which allow the network manager to monitor and record in logs vast amounts of information on in coming and out going calls. Tools to analyse the logs are also available. Physical security of the switch and the management console are as critical as found in IT networks. I could go on .... David Spinks ----- Original Message ----- From: Joe Traietta <JTraietta () ASAHIBANKNY COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: 04 October 2000 15:07 Subject: [PEN-TEST] PBX Security
I have been asked to perform a security review on the PBX system
(NEC NEAX
2000 IVS) at my company. I have virtually no PBX experience, so
I was
hoping somebody could point me to a good resource, or pass along
some
personal experience about reviewing / auditing a PBX system. Thank you. Joseph Traietta Data Security Officer Asahi Bank, New York Branch
Current thread:
- [PEN-TEST] PBX Security Joe Traietta (Oct 04)
- Re: [PEN-TEST] PBX Security David Spinks (Oct 04)
- Re: [PEN-TEST] PBX Security Frasnelli, Dan (Oct 04)
- Re: [PEN-TEST] PBX Security Talisker (Oct 04)
- <Possible follow-ups>
- Re: [PEN-TEST] PBX Security PRAYAGSING MUKESH (Oct 04)
- Re: [PEN-TEST] PBX Security Dunker, Noah (Oct 04)
- Re: [PEN-TEST] PBX Security David Alexander (Oct 04)
- Re: [PEN-TEST] PBX Security Gallicchio, Florindo (2282) (Oct 04)
- Re: [PEN-TEST] PBX Security Loschiavo, Dave (Oct 04)
- Re: [PEN-TEST] PBX Security Mark L. Jackson (Oct 05)
- Re: [PEN-TEST] PBX Security Curphey, Mark (ISS Atlanta) (Oct 04)
- Re: [PEN-TEST] PBX Security Fricke, Gregory D. (Oct 04)
(Thread continues...)