Usenet Security

Arthur Evans arthure at sco.COM
Wed Mar 2 03:24:21 AEST 1988


In article <5875 at netsys.UUCP> tsl at netsys.UUCP (Tom Livingston) writes:
)   Two line callback --  Very good security, an intruder would have to scan
)for the outdial line, happen to get it _when_ it was outdialing, but then
)the intruder would not have to know a vaild 'ID' code... just wait on the
)line until it was used for an outdial.  Note -- Realistically, to my 
)knowledge, there is no good way to find an outdial without being inside
)the company, or X-REFing the in-dial with all other lines owned, and then
)determing which the outdial was.  Not an easy task, and it would not
)generally be attempted.

Also, note that with the computerized phone systems that
many companies use, it may be possible to prevent a given 
line from being used as a dial-in at all, preventing the
sort of attack you describe.  

arthur
-- 
This is me. 							Who are you?



More information about the Comp.unix.questions mailing list