My mailer thinks that peter @
mcmail .
com wrote:
>
> > From: Pierre-Yves Bonnetain <pyb @
cadrus .
fr>
>
> > Hello you experts,
>
> Naah ;-)
>
> > Maybe this subject has been dealt with to the point of sickness, but...
> > One of my customers is looking for a _systematic_ way (well, as near as
> > possible, as usual) to detect if any internal user, on his network, may have
> > some modem attached to his computer (W95, OS/2 or Unix). I just told him that
> > this seemed dubious at most, but customers are customers.
> > So, what is your opinion ?
>
> It depends on the security policy of the site of course, but in my
> experience the biggest problem is modems on auto-answer so someone could
> possibly gain access to whatever program set the modem up to go into
> auto answer. There are a number of ways of dealing with that, short of
> simply saying "don't or I'll sack you" ;-).
>
> 1) Disable DDI and only allow access to certain lines. This has the
> disadvantage that you still leave a hole where a modem can T off a
> regular line;
>
> 2) Set up war diallers and run them overnight. This is an approach that
(this is stretching firewalls)
If you have a modem (and a line) with caller id, turn that on, let the
computer answer manually depending on the id string, (example: Linux with
uugetty), no wardialler will find the modem. Granted, you'll have to use
specific phone numbers listed in the script, but it would be possible to
use an additional connection point to access the modem (e.g. if you have
2 lines at home).
The only possibilty I see would be to examine all suspicious phonecalls (if
you have proper switchboard system, what a fun..) og manually check the
wiring, preferably at night.
Or check for unusual network traffic....
References:
|
|
