Xref: utzoo comp.dcom.modems:9229 sci.crypt:4482 alt.security:2198
Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!samsung!umich!dgsi!paulh
From: paulh@cimage.com (Paul Haas)
Newsgroups: comp.dcom.modems,sci.crypt,alt.security
Subject: Re: Modem backdoor passwords (was re: security functions)
Message-ID: <1991Apr15.155157.19473@cimage.com>
Date: 15 Apr 91 15:51:57 GMT
References: <1991Apr10.150745.4628@sctc.com>
Reply-To: paulh@dgsi.UUCP (Paul Haas)
Organization: Cimage Corp, Ann Arbor, MI
Lines: 27

In article writes:
> ... From what I've seen and read, good dialback security isn't a
>one modem product, anyway. One modem answers and passes you through to
>a security front door, which has your account info and callback number.
>When you pass the test, it uses another (auto-answer disabled) modem to
>call you back. If somebody hangs on the outbound modem line (by calling
>in repeatedly until they catch a phone dialing out and then sending an
>answer-style carrier) then they have normal password security. To avoid
>this, the outbound modem should terminate the call if it doesn't detect
>dial tone. This assumes that your CO or PBX provides a recognizable dial
>tone.
>Anyway, what I just wrote is more alt.security material, I'll bet.
>-- Bob

The modem doing the spoofing could present a fake dial tone. A better
solution is to get a dial-out only phone line from the phone company.
When the bad guy's modem calls the dial-out number they would get one
of those fine Bell System messages telling them that they can't call
this number. I've mostly seen it used for payphones.

If the phone company in your area doesn't provide such a service, use
call forwarding. The important thing is to make it so that under no
circumstances can anyone call into the dialout modem in the callback
pair.

--- Paul Haas paulh@cimage.com