Re: war dialers, are they a current threat?

["S. Jonah Pressman" <jonah () istar ca>]

"R. DuFresne" wrote:
> Do folks here consider war dialers a real threat in this day in age?

Absolutely.  It's always gratifying when a small-time hack wakes in the
morning to find that his war dialer/tone locater has found an array of
machines just waiting to answer and serve up information via PCAnywhere,
Laplink, telnet, etc. etc.

> How would others respond to a request in install a modem for dialup access
> to a server that one cannot secure becuase:
>
> 1)  There's no compiler to install tools to try and secure the system
>
> 2)  You are supposed to make this soft chewy available to the whole inside
> network
>
> Being that your pbx has no dialback feature, what's the best way to
> protect such a setup, if there is one?

A good IPsec VPN solution with certificate authentication may be the
order of the day.  Properly configured, the user can simply and securely
dial up to his/her ISP, invoke the appropriate VPN client policies, and
- presto.... enrypted and 3rd party (CA) authenticated access to the
corporate network.

> Thanks,
>
> Ron DuFresne
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>         admin & senior consultant:  darkstar.sysinfo.com
>                   http://darkstar.sysinfo.com
>
> "Cutting the space budget really restores my faith in humanity.  It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation."
>                 -- Johnny Hart
>
> testing, only testing, and damn good at it too!

 
------------ 'ome is where you hang your @ -----------------