It's better to use intelligent Fax Boards by Brooktrout or Dialogic to
control this Phase A(handshake) and Phase B(data transmission) portions
of communication at the firmware level as opposed to a modem with all
init and "at" strings commonly known that may or may not be vulnerable.
-----Original Message-----
From: Maarten [mailto:maartenh (at) phreaker (dot) net [email concealed]]
Sent: Tuesday, January 13, 2004 12:49 PM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: potential fax server security issues?
Hi,
I was wondering if any of you has experience in testing fax servers. I
am looking for some insides on potential vulnerabilities on the modem
side of a fax server. Could an attacker for instance (potentially):
- Discover the fax server using a war dialler (yes)
- Connect to the fax server using his modem (yes)
- Initiate some kind of overflow on the fax server software after the
modem connection has been established, gaining a shell on the system????
Has anyone been looking into this kind of stuff? Am I being overly
paranoid at this point?
control this Phase A(handshake) and Phase B(data transmission) portions
of communication at the firmware level as opposed to a modem with all
init and "at" strings commonly known that may or may not be vulnerable.
-----Original Message-----
From: Maarten [mailto:maartenh (at) phreaker (dot) net [email concealed]]
Sent: Tuesday, January 13, 2004 12:49 PM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: potential fax server security issues?
Hi,
I was wondering if any of you has experience in testing fax servers. I
am looking for some insides on potential vulnerabilities on the modem
side of a fax server. Could an attacker for instance (potentially):
- Discover the fax server using a war dialler (yes)
- Connect to the fax server using his modem (yes)
- Initiate some kind of overflow on the fax server software after the
modem connection has been established, gaining a shell on the system????
Has anyone been looking into this kind of stuff? Am I being overly
paranoid at this point?
thanks!
Maarten
------------------------------------------------------------------------
---
------------------------------------------------------------------------
----
------------------------------------------------------------------------
---
------------------------------------------------------------------------
----
[ reply ]