Dial Back isn't always secure
Joe Eykholt
jre at amdahl.UUCP
Tue Mar 5 10:43:08 AEST 1985
>
> It occurs to me that a really good way to protect a dial-out
> line from an autodialer is to order the line as a conventional line
> with call forwarding, and to call forward the line to another modem.
> In this way, the call will automagically forward to a different modem,
> eliminating the possibility of hacking during the time window between
> dialing and call pickup.
>
> -JCP-
This sounds like a good solution. One possible way around this may be
to call-forward another phone to the outgoing modem. I suspect that many
exchanges will not call-forward a call that has already been
forwarded once (to avoid forwarding forever).
To further clarify by example: We have three lines A, B, and C.
Line A is the autodialer line that will be used to call out on. It is
forwarded to line B, to avoid callers when it is trying to dial out.
Line C is some phone in the attacker's control. The attacker forwards
line C to line A, and then calls line C from yet another phone.
The call is forwarded only from C to A, not from C to A to B.
--
Joe Eykholt
[Opinions expressed by me are not necessarily held by any other entity.]
More information about the Comp.unix.wizards
mailing list