Penetration Testing mailing list archives
Re: [PEN-TEST] War Dialers
From: "Teicher, Mark" <mark.teicher () NETWORKICE COM>
Date: Fri, 1 Sep 2000 12:08:47 -0700
Yes, I tend to agree with Al on the point below. Real World testing of products and real world experience using said products are worth more than any review. As Al states reviewers are not that experienced using said products or setup sample test cases so that their favorite product will win while others will lose. Also another thing to look at is how much advertising space does the winning vendor have in that particular magazine. OK, Back to War Dialers I have used PhoneSweep on several different engagements, once scan was for about 100 modems, produced a nice report, but if used on a larger scale, like 10,000 numbers or more, multiple scans had to be done, and it was very very slow. Even on a fast box, if the application was re-designed to make use of dual processors machines, it would definitely enhance performance. The database architecture needs definite re-work, as in it should be open to other databases other to the one they package with it. The real bummer is trying to un-install the application, it leaves lots of remnants around, and one really needs a good registry cleaner to remove all the tidbits of the application from the particular machine one installed it on. /m At 10:11 AM 9/1/00 -0700, Alfred Huger wrote:
On Fri, 1 Sep 2000, Jose Nazario wrote: > On Fri, 1 Sep 2000, Alfred Huger wrote: > > > Anyone have any experiance with commercial war dialing packages > > compared to the free ones? > > they mentioned Ton-Loc but only in passing -- hasn't been updated since > 1994, wasn't very robust Well, it was written in pascal and if it was to be released again I suspect it would need a re-write. > and the author served 5 months in jail for There were two authors and the one you are referring to did *alot* more than 5 months in prison on more than one occasion. That being said if you make decisions on security software usage based on wether it's written by ex-hackers your choices are going to be *very* limited. > their tests were judged on carrier and fax detection, system id, > penetration (via authentication), reporting and "intangibles" like ease of > use (subjective, to say the least). Yeh, ease of use is always a killer. Getting your product reviewed as a vendor is a crap shoot. I rarely put much credence into the reviews. I have taken part in reviews where my products won out where they should not have and vice versa. All too often reviewers are simply not qaulified to make reviews worth reading and in other cases scores are based on really subjective data. I much prefer forums like this where I can get feedback from people who have actually used the software outside of a lab. > > and let's not forget the PalmOS wardialer TBA (from the L0pht's Palm Pilot > labs). > I have never actually used this, is it decent? -al Alfred Huger VP of Engineering SecurityFocus.com
Current thread:
- [PEN-TEST] War Dialers Alfred Huger (Sep 01)
- Re: [PEN-TEST] War Dialers Jose Nazario (Sep 01)
- Re: [PEN-TEST] War Dialers Alfred Huger (Sep 01)
- Re: [PEN-TEST] War Dialers Teicher, Mark (Sep 02)
- Re: [PEN-TEST] War Dialers Alfred Huger (Sep 01)
- Re: [PEN-TEST] War Dialers Billy Smith (Sep 01)
- Re: [PEN-TEST] War Dialers Billy Smith (Sep 01)
- Re: [PEN-TEST] War Dialers Marc Maiffret (Sep 01)
- Re: [PEN-TEST] War Dialers Teicher, Mark (Sep 01)
- Re: [PEN-TEST] War Dialers Wilkins (Sep 01)
- Re: [PEN-TEST] War Dialers Joe Calloway (Sep 01)
- Re: [PEN-TEST] War Dialers Brian Reilly (Sep 01)
- Message not available
- Re: [PEN-TEST] War Dialers Teicher, Mark (Sep 02)
- Re: [PEN-TEST] War Dialers Jose Nazario (Sep 01)
- Re: [PEN-TEST] War Dialers - Sorry Wrong URL Manny Fernandez (Sep 02)
- Re: [PEN-TEST] War Dialers Riley Hassell (Sep 02)