Dial up access problem - not a (solution)
From: Bruce ER Ballard (bruce.ballard@catalysta.co.uk)Date: 05/28/02
- Previous message: jmcguire@sbcs.com: "Need free app for viewing metadata in Word documents"
- In reply to: miloskv1@netscape.net: "Dial up access problem solution"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Bruce ER Ballard" <bruce.ballard@catalysta.co.uk> To: <miloskv1@netscape.net>, <rpmiranda@sonae.pt> Date: Tue, 28 May 2002 16:37:42 +0100
miloskvi1@netscape.net says:
>"Yes of course you can do something like that. You can use callback option
so your
>RAS server (machine Y) would call back your client (machine X) on some
>predefined number. In that case your problem is solved.
>Everybody can call your RAS server and RAS will terminate session and
>call for example 555-4321 (that is the number you define). So... only one
>person can dial from that number and that is your client (machine X).
> If Client dial up from another computer (from number 555-4322, RAS will
answer on 555-4321 and client X will not be able to log in)"
This is not an entirely secure solution.It is relatively simple to construct
a device that will hold the line open, simulate a dial tone and allow the
modem on the secure system to "call back" to this simulation, bypassing the
call-back security. I have had this demonstrated to me.
To overcome this, you must ensure your dial-in modems are on physically
separate circuits from your dial-back modems. Your dial-back modems must be
set to withold caller ID as well (in the UK this is a 1470 prefix, what it
is in the US I am sure somebody can tell me).
Bruce Ballard
IT Director, Catalysta Ltd http://www.catalysta.co.uk
- Previous message: jmcguire@sbcs.com: "Need free app for viewing metadata in Word documents"
- In reply to: miloskv1@netscape.net: "Dial up access problem solution"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
