Path: utzoo!attcan!uunet!lll-winken!netsys!vector!nobody From: dupuy@cs.columbia.edu (Alexander Dupuy) Newsgroups: comp.dcom.telecom Subject: For Callback Security Use a Different Line Message-ID: Date: 21 Dec 88 20:16:04 GMT Sender: chip@vector.UUCP Lines: 57 Approved: telecom-request@vector.uucp X-Submissions-To: telecom@bu-cs.bu.edu X-Administrivia-To: telecom-request@vector.uucp X-TELECOM-Digest: volume 8, issue 206, message 7 In a sun-spots article dan@watson.bbn.com (Dan Franklin) writes: > X-Sun-Spots-Digest: Volume 7, Issue 70, message 3 of 14 > As more people are trying to beef up security by having the system call > them back to log in, it's probably worth a reminder: don't use the same > telephone line (number) to call in and out. That would render the > callback mechanism completely useless. The reason is that there is no > reliable indication from the phone company to your modem that a caller has > actually hung up. [details deleted for brevity] > Even using a different line is not a defense, if the number can be > discovered. The penetrator can just call it ahead of time. You must use > a separate, unrelated (and unlisted) set of phone numbers. It's best if > the numbers have a different exchange prefix, to make finding them really > difficult. It seems that the CLASS-type service which is now becoming available from the BOCs would be ideal for a 'poipatraitor' to use to discover the dialback numbers being used. Admittedly, you'd have to have the system dial you back at least once, so that this only allows a (possibly former) insider to break the system, but that can be an issue. Are CLASS-blocking capabilities available? What if their system has CLASS and yours doesn't, but does provide calling # information to other exchanges? I guess the best solution is to use a modem pool for dialouts, and randomly select one of the modems in the pool. Ahh, but then if they cracked your random-number generator.... :-) @alex -- -- inet: dupuy@columbia.edu uucp: ...!rutgers!columbia!dupuy [Moderator's Note: Actually, a far better, easier, and cheaper way to handle the problem of unwanted users who simply hang on the line waiting for the modem to pick up and 'dial them back' -- only to be re-connected with the original phreak caller is to install *three way calling* on the incoming modem lines, and program the outdial activity to always begin with a switchook flash. 1) Modem answers; accepts information, instructs caller to disconnect. 2) If the caller does in fact disconnect to be called back, when the modem goes off hook a few seconds later to make the call, an extra switchook flash will do nothing but provide dialtone once, a disconnect, and dialtone a second time....then a dialed number. 3) On the other hand, if someone is lurking, waiting for the modem to pick up the line, that extra switchook flash will bring up the other line, and send the call out on it instead. Won't the phreak be suprised when he is left 'on hold'!! ha ha!! And if the modem is dialing his true number (which is unlikely, considering the games being played) it will get a busy signal or (if phreak has call waiting) will knock him off the line with the call waiting signal. This approach eliminates the need for the system administrator to get a group of lines for call back purposes and the need to keep them secret. Most modems can simulate a switchook flash with ! ... at least my US Robotics Courier 2400 can do it. P. Townson]