Section 8.2. Modems


8.2. Modems

The simplest type of communication involves a single user communicating with a computer via a modem. A modem (short for modulator/demodulator) is a device that lets you connect to a computer from a terminal using an ordinary telephone line. Your computer can also use a modem to communicate with another computer. Many point-of-sale terminals, credit-card scanners, and automatic teller machines (ATMs) work using modems, which convert digital bits to tones that can be transmitted over the telephone line. Using a modem is efficient because the technology is low cost and the Public Switched Telephone Network is readily accessible. Modems introduce security risks because they allow anyone to call your computer or modem-connected device. Attackers can track down your computer by dialing endless numbers using software that operates automatically, trying every number in turn until it finds one that answers with a modem's characteristic noise. Once connected, the intruder still needs to crack your login defenses, but connecting to the computer is the first step.

In most modern configurations in which modems are used, remote access servers (RAS) handle most security chores. These servers, using protocols such as TACACS and RADIUS, and DIAMETER employ techniques such as automatic callback, in which a user dials into the remote access server to notify the server that the user wishes to connect, and then hangs up. The server then calls the user. This not only ensures security, it also makes the telephone connect charges the responsibility of the server end, where bulk calling rates are more likely to apply. Once the RAS server authenticates the caller, the user then can execute network transactions according to whatever privileges have been stored in the user's security profile.

In most parts of the world, modem access is being replaced by wireless access or by some form of broadband access. With a broadband system, the security procedures employed resemble network security in general. This is because most high-speed access networks use the same protocols as local area networks, such as TCP/IP. An authentication server may still be employed to handle the chore of verifying users' identitiesand keeping visitors isolated until it is certain they are supposed to be present.

Hints for Modem Security

  • Be sure unauthorized users can't easily get access to your telephone and modem.

  • Don't publicize your computer's telephone number.

  • Don't put call forwarding on your telephone line if you have a callback modem on your computer. Call forwarding can let someone who's learned a password forward the call from the authorized terminal to his own (unauthorized) terminal.

  • Be sure your modem works properly with the systems you're accessing. For example, make sure the modem hangs up the telephone when you log out. Make sure the modem hangs up the telephone, and the system logs you out if you get disconnected. Otherwise, someone else might get access to your accounteither accidentally or deliberately.





Computer Security Basics
Computer Security Basics
ISBN: 0596006691
EAN: 2147483647
Year: 2004
Pages: 121

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net