Path: utzoo!attcan!uunet!husc6!bloom-beacon!mit-eddie!killer!vector!nobody From: amdcad!snap.AMD.COM!hayes@ames.arc.nasa.gov (Jim Hayes) Newsgroups: comp.dcom.telecom Subject: Re: For Callback Security Use a Different Line Message-ID: Date: 25 Dec 88 05:20:33 GMT Sender: chip@vector.UUCP Lines: 29 Approved: telecom-request@vector.uucp X-Submissions-To: telecom@bu-cs.bu.edu X-Administrivia-To: telecom-request@vector.uucp X-TELECOM-Digest: volume 8, issue 210, message 1 dupuy@cs.columbia.edu (Alexander Dupuy) writes in article : >X-Administrivia-To: telecom-request@vector.uucp >X-TELECOM-Digest: volume 8, issue 206, message 7 > >I guess the best solution is to use a modem pool for dialouts, and randomly >select one of the modems in the pool. Ahh, but then if they cracked your >random-number generator.... :-) > >[Moderator's Note: Actually, a far better, easier, and cheaper way to handle >the problem of unwanted users who simply hang on the line waiting for the >modem to pick up and 'dial them back' -- only to be re-connected with the >original phreak caller is to install *three way calling* on the incoming modem >lines, and program the outdial activity to always begin with a switchook >flash. Who says you have to dial INTO a modem to get reasonable call-back service? Dialing into a dedicated "receiver" that understands TouchTone works just fine. Once authentication is complete, the unit hangs up the dedicated line and instructs a modem somewhere in the system to call the user back on the modem's individual line. I've used two systems that implement callback using this method with great success. -Jim Hayes Advanced Micro Devices, Inc., Sunnyvale CA. hayes@amdcad.amd.com /earth: file system full {ucbvax|sun|decwrl}!amdcad!hayes These are not opinions of AMD.