Great Circle Associates Firewalls
(November 1995) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Spoofing ISDN
From: Mark <mark @ lochard . com . au>
Date: Mon, 6 Nov 1995 11:58:48 +1000 (EET)
To: maillet @ doc . cs . usm . maine . edu (Edward Maillet)
Cc: firewalls @ GreatCircle . COM
In-reply-to: <9511020049 . AA25854 @ doc . cs . usm . maine . edu> from "Edward Maillet" at Nov 1, 95 07:49:09 pm 
>  Some folks at work want to setup an ISDN dial-in connection relying
>solely on the inbound caller ID as the security measure. Is it possible
>to spoof the D channel to send fake info? I'm fairly certain there is
>a way to do it. Can anyone point me to some references so I can make a
>decent technical argument agaisnt this?

Throw words at them like corporate espionage, phreakers reprogramming switches
and malicious telco employees. Remind them that link level encryption and
authentication is not that much more difficult so there is no excuse not to
use it on the production system.

Ask them how much their security is worth to them and how much more peace of
mind they will get by knowing a heck of a lot of mathematics is protecting
their transmissions.

Cheers,
Mark
mark @
 lochard .
 com .
 au
Follow-Ups:
References:
  • Spoofing ISDN
    From: Edward Maillet <maillet @ doc . cs . usm . maine . edu>
Indexed By Date Previous: ssh secure tunnels anybody?
From: Michael Haberler <mah @ ic . co . at>
Next: Check point firewall-1 and firewall-2
From: Tham Huei Hwan <Tham . Huei . Hwan @ bass . com . my>
Indexed By Thread Previous: Re: Spoofing ISDN
From: Jim McBride <jim @ basic . net>
Next: Re: Spoofing ISDN
From: Jim McBride <jim @ basic . net>
Google
 
Search Internet Search www.greatcircle.com