Phone Sweep

Sword & Shield performs a sweep of the telephone address space to detect unauthorized modems and authorized but insecure modems. We can perform a phone sweep as a standalone service, or as part of another service, such as an external network vulnerability/penetration test.

Our Methodology for a Phone Sweep

Sword & Shield security engineers will consult with your designated project manager to understand the telephone number scheme, acceptable use policies associated with modems and any known modems in existence within the environment.

Once we have this information, we will conduct a sweep of the telephone address space to detect unauthorized modems and authorized but insecure modems. This test will ensure authentication systems are in place. In addition, our experts will attempt to exploit any vulnerability that may exist to ensure telephone devices do not provide backdoor access to the system or network.

Sword & Shield performs this service remotely from its test center. The end result is a detailed, actionable report listing all findings and recommended steps to reduce risk.

Questions Our Report Will Answer

• Has someone attached an unauthorized modem to your network?
• Are your authorized modems susceptible to a break-in with a war dialer?
• Do your authorized modems display login banners that identify the system?
• Do your authorized modems still have default manufacturer passwords?
• Is there unknown, open access to a legacy system?
• Are you at risk by not conducting regular audits across your organization?

Real Success Story

While conducting a telecommunications sweep for a small bank, Sword & Shield analysts identified a modem which provided access to the unprotected administrative console of the bank’s VoIP gateway. Once connected, the Sword & Shield team had the ability to make arbitrary configuration changes. Per conversations with the bank’s IT staff, the modem was used by a third party that managed its VOIP system.

Based on Sword & Shield’s findings, the bank implemented a policy which required the modem to be disabled and only re-enabled when access is required by the third party who manages it (i.e. upgrades, patches, authorized configuration changes). The bank also instituted a configuration change that required the third party to authenticate to the administrative console prior to making any changes. Sword & Shield’s phone sweep assisted in identifying a serious vulnerability that could have put the bank’s telecommunications infrastructure in jeopardy.

Find Out More

Sword & Shield has been outsmarting cyber-criminals and improving security for enterprises around the world since 1997. Fill out our Consultation Request form or contact us by phone so we can begin securing your future.

U.S. Toll-free: 800-810-1885

International: 865-244-3500

Request a Consultation

Name *
Company
Email *
Phone *
State	Select a StateAlabamaAlaskaArizonaArkansasCaliforniaColoradoConnecticutDelawareDistrict of ColumbiaFloridaGeorgiaHawaiiIdahoIllinoisIndianaIowaKansasKentuckyLouisianaMaineMarylandMassachusettsMichiganMinnesotaMississippiMissouriMontanaNebraskaNevadaNew HampshireNew JerseyNew MexicoNew YorkNorth CarolinaNorth DakotaOhioOklahomaOregonPennsylvaniaRhode IslandSouth CarolinaSouth DakotaTennesseeTexasUtahVermontVirginiaWashingtonWest VirginiaWisconsinWyoming
How can we help you today?
Spam Protection	Type this:
Sales answers requests within 1 business day and usually within a few hours.