> Whenever someone asks me about dial-back modems and security I generally
> look them in the eye and ask, "Ever hear of call forwarding?" and run.
To me this is a compelling reason for the use of CNID (caller-id) since
you know if the number the call is coming from is the same as the one
in the callback log. (In fact you will find I mentioned this in the CNID
FAQ in the TELECOM archives (wherever MIT put it - used to be at LCS.
MIT.EDU but heard it moved) several years ago.
Does not protect against an intruder with a laptop at your DEMARC or
the case where the callback has two lines and one is set to feed the
other but is an order of manitude lower risk than just callback.
Even better, with CNID, if a call comes from a number you do not recognize,
the modem never answers.
Of course nothing beats a OTP device for authentication (and soft tokens
exist).
However I suspect that once secure Internet links are available (see
the client<>firewall services being offered by V-One, Eagle, and TIS),
such telecom use may decline a bit.
Warmly,
Padgett
|
|
