Security Basics mailing list archives

RE: fax software in the domain


From: "Ed Spencer" <espencer () usa net>
Date: Mon, 26 Jul 2004 23:13:06 -0800

If you can't remove the fax software from the pc, remove the pc from the
network. ;-)

Since I'm guessing that both of these aren't an option there are a
couple things you can do depending on how much of the telephone side is
managed within the company.

1. Ensure the modem is NOT set to auto-answer calls.  Some even have a DIP
switch to set this up so it can't be overwritten with the Hayes command
set.  Super glue or epoxy the DIP switch in place.

2. At the phone switch, auto-forward the line to voicemail, preventing the
line from getting any incoming calls.  Optionally, assign a non-DID
(Direct Inward Dial) number to the phone line to prevent non-internal
calls from reaching the line.  If you don't have access to the phone
switch, arrange for the phone company to auto-forward the line elsewhere.
NOTE: This is only applicable if the faxes are outgoing and not
incoming.  LOOPHOLE: You can still forward an internal extension/number
to this line and dial in on the forwarded extension if the modem will
accept calls, but every little bit helps (defense in depth).

3. Ensure that the computer isn't set up to use the modem as a network
device by unbinding TCP/IP (in network setup, remove the items while the
modem is selected as the active card) from the modem.

4. Add a local policy to the machine or modify Active Directory policies
to prevent the modem from being bound back to TCP/IP (block network
changes).

5. Consider the use of a fax server in lieu of the existing solution
with better security features.

6. Find the local access numbers to ISPs and block those numbers on the
line from being dialed (not overly practical, but possible for the most
common numbers).

7. Lock out all but the user(s) that have to use the modem and if
possible block access to the fax modem from over the internal network
(it's usually shared as a printer).

I'm sure there are more steps that could be taken, and not all of the
recommendations above apply to every situation because of management and
company policies in place.

Good luck!
Ed Spencer
Network Administrator
Aramark Corporation - Denali National Park.
-----Original Message-----
From: Juan B [mailto:juanbabi () yahoo com] 
Sent: Saturday, July 24, 2004 2:06 AM
To: security-basics () securityfocus com
Subject: fax software in the domain

Hi,

In my domain we have w2k servers and the workstations
we use xp pro.

On the station of one employee he must also use a fax
with a modem connected to the telephone line.

I think that this is a security problem.

I can't remove the fax from his pc. My question is what
are the steps to protect this pc from being a security
problem to all the network?

thanks !!
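
Added example, not part of the original thread: a check for point 1 of the reply above. It parses a modem settings dump (the Hayes `AT&V` command) and reports any profile whose S0 register is non-zero, since S0 holds the number of rings before auto-answer and 0 disables it. The sample dump is constructed, and its layout is an assumption because `AT&V` output varies by vendor.

```python
import re

# Constructed AT&V dump in a layout many Hayes-compatible modems use.
# Real layouts differ by vendor; adjust the patterns for your hardware.
SAMPLE_ATV = """\
ACTIVE PROFILE:
B1 E1 L1 M1 N1 Q0 T V1 W0 X4 Y0 &C1 &D2 &G0 &K3 &Q5 &R1 &S0 &T5 &X0 &Y0
S00:000 S01:000 S02:043 S03:013 S04:010 S05:008 S06:002 S07:050 S08:002

STORED PROFILE 0:
B1 E1 L1 M1 N1 Q0 T V1 W0 X4 Y0 &C1 &D2 &G0 &K3 &Q5 &R1 &S0 &T5 &X0
S00:002 S02:043 S06:002 S07:050 S08:002 S10:014 S12:050 S18:000 S36:007

STORED PROFILE 1:
B1 E1 L1 M1 N1 Q0 T V1 W0 X4 Y0 &C1 &D2 &G0 &K3 &Q5 &R1 &S0 &T5 &X0
S00:000 S02:043 S06:002 S07:050 S08:002 S10:014 S12:050 S18:000 S36:007

OK
"""

PROFILE_RE = re.compile(r"^\s*((?:ACTIVE|STORED) PROFILE(?: \d+)?):", re.I)
# Matches S0:/S00:/S000: only; "&S0" (no separator) and "S01:" do not match.
S0_RE = re.compile(r"\bS0{1,3}[:=](\d+)")


def s0_by_profile(dump):
    """Return {profile name: S0 value, or None if S0 was not listed}."""
    result, current = {}, None
    for line in dump.splitlines():
        header = PROFILE_RE.match(line)
        if header:
            current = header.group(1).upper()
            result[current] = None
            continue
        s0 = S0_RE.search(line)
        if current and s0:
            result[current] = int(s0.group(1))
    return result


def auto_answer_findings(dump):
    """List profiles that auto-answer, or whose S0 could not be read."""
    values = s0_by_profile(dump)
    if not values:
        return ["no profile section found in dump"]
    findings = []
    for name, rings in values.items():
        if rings is None:
            findings.append(f"{name}: S0 not reported, verify manually")
        elif rings != 0:
            # A stored profile is reloaded on reset, re-enabling auto-answer.
            findings.append(f"{name}: S0={rings}, answers after {rings} ring(s)")
    return findings
```

Checking the stored profiles as well as the active one matters because a modem reset reloads a stored profile, which can silently turn auto-answer back on.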




                






