Xref: utzoo comp.dcom.modems:9139 sci.crypt:4448 alt.security:2111
Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!sdd.hp.com!spool.mu.edu!uunet!indetech!stables!sw
From: sw@ (Steve Warner)
Newsgroups: comp.dcom.modems,sci.crypt,alt.security
Subject: Re: Remote access to modem (was re: security functions in modems)
Message-ID: <1991Apr8.021815.907@>
Date: 8 Apr 91 02:18:15 GMT
References: <3888.27f10f22@hayes.uucp> <1991Apr4.144615.22814@dce.ie> <1991Apr5.170644.3076@sctc.com> <1991Apr5.215301.13807@netcom.COM>
Reply-To: sw@indetech.UUCP (Steve Warner)
Distribution: usa
Organization: BruderWare
Lines: 23

In article <1991Apr5.215301.13807@netcom.COM> gandrews@netcom.COM (Greg Andrews) writes:
>In article <1991Apr5.170644.3076@sctc.com> smith@sctc.com (Rick Smith) writes:
>>I heard a rumor recently that some dialback modems are manufactured
>>with a "backdoor" password that can't be disabled, which gives an
>>outsider rather complete access to the modem. So check out your
>>manufacturer closely. Evidently modem design/manufacturing skills are
>>independent of good sense where security is concerned.
>>

I happen to own several dial-back "security" type modems.  They do have
a backdoor password, which cannot be changed.  The purpose of this is
to allow the manuafcurer to call your modem for you and change YOUR
password, if you forget that your is.  I have modfied the formware in
these modems so that the backdoor password is no longer what the mfr thinks it is.

There is little security risk in this though as all the computers
connected to these modems have secondary password queries.


-- 
----
Steve Warner   -  Fremont, CA, USA  etc...
replies to:  sun!indetech!stables!sw    (forget what the header says)