Presented at
DEF CON 6 (1998),
Aug. 2, 1998, noon
(50 minutes).
Security problems occur when obvious security problems are overlooked. One commonly overlooked problem is alternative access methods to a corporate Intranet from an external machine. Many if not most companies are overlooking their secondary vulnerabilities surrounding alternate methods of network access.
Mr. Shipley will present research covering an overview of a 2 year effort in massive multi-modem wardialing. His findings will include some personal observations and the results obtained from scanning the San Francisco bay area. When Mr. Shipley started this project he noted that there were no published research references to wardialing or documented statistical results of the types of equipment and computer networks commonly found on the POTS (Plain old telephone system) network. Mr. Shipley decided to change that through his research.
Presenters:
-
Peter Shipley
Mr. Shipley Is an independent consultant in the San Francisco Bay Area with nearly thirteen years experience in the Computer Security field. Mr. Shipley is one of the few individuals who is well known and respected in the professional world as well as the underground and hacker community. He has extensive experience in system and network security as well as programming and project design. Past and current clients include TRW, DHL, Claris, USPS, Wells Fargo, and KPMG. In the past Mr. Shipley has designed Intranet banking applications for Wells Fargo, Firewall design and testing for WWW server configuration and design for DHL. Mr. Shipley's specialties are third party penetration testing and firewall review, computer risk assessment, and security training. Mr. Shipley also performs post intrusion analysis as well as expert witness testimony. Mr. Shipley is currently concentrating his efforts on completing several research projects.