Telecom device makes sure the back door is closed

Telecom device makes sure the back door is closed

Maker says Defense Department expressed interest in scanning system that secures phone networks

BY William Jackson

GCN Staff

A telecommunications scanning and discovery system from SecureLogix Corp. can secure back doors through telephone networks into data networks, the company says.

TeleSweep Secure, the San Antonio company's first product, will be followed later this year by TeleWall, a kind of telecom firewall that will monitor use and enforce policy about telephone lines.

'We see the federal market as huge,' said Lee Sutterfield, SecureLogix president. He said that the first product sales would be to a Defense Department agency and that intelligence and law enforcement agencies also have expressed interest.

About a quarter of SecureLogix employees have had experience in the Defense Information Warfare Center, he said.

Most security efforts focus on data network protection by means of firewalls, intrusion detection systems and vulnerability assessments. But as voice and data networks become increasingly interconnected, modems that bypass security devices can open back doors to hackers.

The beginning of convergence of voice functions onto data networks is making managers more aware of the threats that can come in over telephone lines, marketing director Steve Samaniego said.

TeleSweep Secure has a distributed, scalable architecture for scanning an enterprise. The software consists of manager and dialer components. The manager defines dialing profiles and schedules, which are executed by the dialer. The dialer calls specified numbers and identifies whether each line is used for voice, fax or modem.

If a modem is set to receive, the dialer identifies the type of software it is using and tries to guess the password, using that system's defaults and common passwords.

Based on its success guessing the password, the dialer classifies the modem as secure or unsecured and sends the information to the manager component, which generates reports. This tells the administrator the status of each modem and identifies unauthorized modems.

Copies hackers

The system is similar to war dialers'hacker tools used to dial automatically through a series of numbers and report findings.

Security managers sometimes use war dialers to search their systems for back doors, but the underground programs are undocumented and often unsafe.

Other security tools are built on the same principle, such as PhoneSweep from Sandstorm Enterprises Inc. of Cambridge, Mass.

The central manager can be connected, by Ethernet or through the Internet, to multiple dialers around the world, to scan a global enterprise without making long-distance calls. Each dialer has four modems and can assess up to 250 lines an hour.

The manager and dialer come installed on a 266-MHz Pentium II platform with 256M of RAM, a 4G hard drive, four modem ports and a 10/100-Mbps Ethernet connection. The hardware-software package, including consulting, technical support and maintenance for one year, starts around $18,000.

Contact SecureLogix at 800-817-4837.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.