RE: A question about modem security

From: Andrew Shore (andrew.shore_at_holistecs.com)
Date: 04/26/04

  • Next message: Dedric Ramsey - Ramsey Consulting Svcs: "Re: What does this mean?" 
    Date: Mon, 26 Apr 2004 18:46:27 +0100
To: "David M" <davidbmurphy@verizon.net>, <security-basics@securityfocus.org>

    Encryption is handled by the applications above the modem layer.

    It is possible to send encrypted data down a modem line.

    The insecurity comes from the fact that anyone is capable of connecting
    to the modem simply by dialling it and then can brute force there way
    onto a system. Also most modems are left on systems by
    non-administrators (ie some guy in the off) who do not make any attempt
    to secure them.
     
    Andrew Shore
    Senior Security Specialist
    DDI. 01302 308 165
    andrew.shore@holistecs.com
     
     
     
    Company Number 04943010
    VAT Number 828 8635 82
     
     
    Holistic Technologies Ltd
    Unit 7 Shaw Wood Business Park
    Shaw Wood Way
    Doncaster
    South Yorkshire
    DN2 5TB
    T. 0870 240 1442
    F. 0870 240 1443
    www.holistecs.com
     
     
     
     
     
     
     
     
     
     
     
     
     
     
    -----Original Message-----
    From: David M [mailto:davidbmurphy@verizon.net]
    Sent: 24 April 2004 19:28
    To: security-basics@securityfocus.org
    Subject: RE: A question about modem security

    Due to the lack of encryption on the connection. Which is caused by the
    limited amount of packets than can be sent over dial up speeds.

    -----Original Message-----
    From: Adnan Ali [mailto:call_ret@yahoo.com]
    Sent: Wednesday, April 21, 2004 4:30 AM
    To: security-basics@securityfocus.org
    Subject: A question about modem security

    I have read somewhere that dial-up questions using
    modems are inherently insecure. Can somebody please
    explain to me why it is so?

    Thanks,

            
                    
    __________________________________
    Do you Yahoo!?
    Yahoo! Photos: High-quality 4x6 digital prints for 25"
    http://photos.yahoo.com/ph/print_splash

    ------------------------------------------------------------------------ 

    ---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----
------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
  • Next message: Dedric Ramsey - Ramsey Consulting Svcs: "Re: What does this mean?"

    Relevant Pages

    • RE: Removing Local Admin Rights...
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Cisco CSA
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Minimum password requirements
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • Betr.: RE: fax software in the domain
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... pen testing experience in our state of the art hacking lab. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: HIPAA_Compliance
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)