On Wed, 12 May 1999, jen wrote:
> Here are some questions:
>
> 1. What products are there that will support outgoing calls? We have a
> Windows environment. WINport from LANSource is one product, and Shiva
> is another, but we don't know of much else.
>
Livingston Portmasters can be configured to allow network connections, and
there is some software that is available (shareware, I think
ftp.livingston.com has a trial copy of it available) that redirects a
COM port under windows over the network to the portmaster..
A Portmaster 2 gives 30 ports, they are really cheap too, espically since
a lot of places that have them (older/smaller ISPs) want to go digital
to do 56k, and dont want to use these anymore..
> 2. What products are there that will support incoming calls? This is the
> harder one, of course. I'm not sure it's technically feasible to support
> incoming calls.
>
How did you want to do this, say someone dials in and is connected to teh
COM port of the windows box?? I think that you can do that with the
livingston combo as well, however if the modems are in a hunt, or
if you assign the livingston to give a modem on first come first serve,
then it would be hard to know which incomming call goes to whom..
> 5. Any general ideas about security and analog phone lines? I realize
> that the most secure method is to just not allow them at all. This isn't
> going to fly, though.
>
Well, and this may go beyond the scope of this list, but ... Securing
analog lines (or any line for that matter) is hard becuase the telco
in most places isnt secure.. It would be really easy for a person to
access the junction box (anywhere between you and the Central Office
of the telco) cut the phone wire, add in a line simulator (so that
your side gets dialtone, line voltage etc), add a computer with a
couple modems, one going to you, via the line simulator, one going
to the telco, and effectivly sniff the traffic.. The software to
control this would be fairly easy, and could most likely be written
by anyone that took a first year programming class (even a HS class)..
Anyway, the only real way to prevent something like this is to have
encryption on this link, and then you couldnt do something like the
way SSH works becuase the person could intercept the key exchange,
and exchange their key with you, and their key with the system you
were tryiung to connect to, thus giving them cleartext..
But this type of attack is rare, and typically only done by people
that you wouldnt detect anyway, or by people who are going after very
specific information, and not just random stuff (which appears to be
a lot more common, the random stuff that is)..
Anyway, I am rambling again so ... :)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
