Is there existing any methodology to test security of modems?

I am not asking about “war driving” (penetration testing of modem entry
points to the computer systems/networks) but testing of modems as devices?

What features shall one look for while assessing the security of modems
of various types (dial model, cable modem, DSL modem, GPRS modems, other
wireless modems, etc)?

Are there any publicly accessible (or commercial) modem testing tools?

Thank you,
John

Passmark makes an inexpensive Windows based software test tool.

http://www.passmark.com/products/modemtst.htm

That would be “war dialing” hanging with the old school terminology.

One of the things you want to look for on modems is if they are set to
“auto answer”.
What applications are being used in conjunction with the modem and how
are they configured.
What authentication is being used by those applications (and how
secure/reliable the authentication is).
Also look to see if any encryption is being used. Keep in mind that
all communication goes over POTS and the providers can monitor any
line they want to at any time.
What services are available over dial-up.

Google

Say I want to add a few packages or updates to the latest Backtrack
LiveCD, such as Wireshark or Firefox 2, what is the best way to
accomplish that?

Is there a way to slipstream additional files onto the LiveCD, or can
I save changes onto a USB drive or something like that?

Any help would be greatly appreciated!

Best regards,
John

BackTrack is a distribution that was actually built to be modular (i.e. Add
custom packages)

All the details on how to do this can be found in the BackTrack wiki:

http://backtrack.offensive-security.com/index.php?title=Howto:Mod_Linux

Hope this gets you goin’ in the right direction…

A new version is coming out shortly, you may not want to get too
invested in updating your own copy until that one is out. Probably a
few weeks.

- While it’s not DB specific, the paper “SQL Injection Attacks by Example”
by Steve Friedl is a great introduction to this topic.

http://www.unixwiz.net/techtips/sql-injection.html

Regards,
Jim Halfpenny

Is there a way I can block the likes of limewire uploading (without
blocking d/l) at a network level preferably via a filter rule on the
router or server s/w in a home network environment.

The problem I have is ppl on the network forget to close limewire and
leave their machines on and of course this gobbles up all the
bandwidth. I have successfully implemented a rule to block limewire
altogether at the router but this does not go down to well with my
users!

Many thanks,

Sam

- Why not get a bandwidth/QoS control device (you can even build one with
a linux box if you so desire) and limit the amount of upload bandwidth
they can use? There are small programs that can be installed in linux
firewalls, there are also dedicated devices to do this..

The options only depend on what you’re most comfortable with.

The nice thing about QoS controls is that you can say, other traffic
gets priority, but if there is no other traffic, limewire can use all
available bandwidth.

- My advice would simply be to go with the plan to ban P2P traffic. Your
user’s complaints can be ignored if there is not legitimate use that
provides value to your organisation. You users griping over the bar on P2P
file sharing is nothing compared to the headache of policing illegal
content and malware which is a constant part of P2P life.

If you allow it and it causes trouble would you want to be responsible?

Jim Halfpenny

- There are several packet classification projects out there that may help
you.

http://ipp2p.org/

http://www.shorewall.net/IPP2P.html

http://l7-filter.sourceforge.net/

http://hippie.oofle.com/tiki-view_articles.php

I would like to do an SNMP walk over all of my Cisco devices, to get the
hardware and IOS version information.
With this information I would then like to audit each IOS version to see
– Latest IOS image ave liable
– Recommended IOS Image
– Last IOS image that doesn’t have any vulnerabilities
– Then possibly an advanced check to see if my Cisco device supports
the mimimum hardware requirements

The main difficulty here is an easy automated way to get this information.

Any suggesions?

- Search for kiwicattools ( http://www.kiwisyslog.com/cattools2.htm ) .. That
may solve all of your MASS CISCO problems. We have a network of 300+ routers
and switches and it works nicely.

Muhammad

- I’ve had great success doing much of the things your interested in. Did
it under linux

using snmpwalk/snmpget and python with some shell for
glue (or was that in shell with python for glue?), but I suspect any
number of other *nix type OSes would work, dunno about cygwin on
windows. Probably an equivalent library or toolset somewhere if you
wanna do windows natively.

As for cisco IOS versions, these 3 charts @

http://www.cisco.com/en/US/products/sw/iosswrel/ps5012/products_tech_note09186a00800afdb6.shtml

are very illustrative, I’m sure something like this exists in an ordered
parseable form somewhere…

- Ciscoworks ??? should be able to get it if you have CCO.

Could try OpenNMS if you using *nix / so you would not have to pay alot
of licensing fees.

http://www.opennms.org/wiki//

Hope that helps …

-