RE: Security and Modems

From: Heather Flanagan (
Date: 09/06/01

Message-ID: <C4E826E59C02D311985B00500463D90BDA94FB@SNS2XCH>
From: Heather Flanagan <>
To: 'Gary Mulder ' <>, 'Lisa Bogar ' <>
Subject: RE: Security and Modems
Date: Wed, 5 Sep 2001 21:36:02 -0400 

 Only one comment - I hope they are not using this for convenience in
getting around a corporate firewall, so they have their own back door in to
their system?

-----Original Message-----
From: Gary Mulder
To: Lisa Bogar
Sent: 9/5/01 11:20 AM
Subject: Re: Security and Modems


We're using callback with the US Robotics V.Everything modems on an
Ultra 60
and an Ultra 10. The only major problem we had (which may be
is that we could not connect at 38400 baud. 9600 baud seems to work

I can't say much about how secure it is, but I did a quick search and
see anybody talking about hacking the V.Everything callback. It only
allows you
three attempts at entering a password before dropping the connection, so
would take a long time to brute-force hack.

The callback seems to work fine (takes about 75 secs to call back). It
pulse dialing rather than tone dialing, which US Robotics Support could
help me change. I think most phone switches still support pulse dialing,
this shouldn't be an issue.

Setup-wise, the printed documentation is useless. Somewhere on the
driver CD is
a directory of PDF docs that include complete instructions on how to set


Lisa Bogar wrote:
> I have a client who wants to install a V.Everything 56K Analog
> Modem on their Sun Ultra 80. I was wondering if anyone has experience
> with the modem and in particular connecting it to an Ultra 80. In the
> specs it touts caller authorization and dial-back security features
and I
> would like to know how effective these are and also any redflags
> might have with this feature.
> In general, does anyone have some other features they have implemented
> secure access to the machine via a modem? Any resources or
> are appreciated.
> Thanks,
> Lisa

Gary Mulder
System Administrator,
Compugen, Inc.