Modems

With the popularity of broadband access, modems are becoming less necessary for the average computer user; however, most systems still have modems installed and many corporate systems still have modems in place for remote access. These devices often provide a simple and unexpected method for an intruder to access systems.

Typically, remote access service (RAS) servers and fax servers are common places for modems to be located within a corporate network. Properly configured modems are fairly secure; however, the users of a corporate network may have modems in their PCs that they configure so they can dial in to remotely access their systems. This is done when no other remote access solution has been provided or if they feel that the existing remote access solution is inconvenient. These types of situations can provide an intruder with the perfect entry point to a network. The best solution to this problem is to implement a security policy to control the installation of modems on corporate systems, and to verify that those systems that need modems are properly secure. (For an example of how to perform a war dialing attack please refer to Exercise 4.02 in Chapter 4 "Audit and Monitoring".)