Yuri de Groot wrote: > Hi all, > > In my new job for a tolls provider, I'm getting lots of customers calling about > toll calls on their bills to overseas numbers. When I try the number they always > turn out to be modems. > I ask the customer if they have a computer, and explain that some websites redirect > the customer to an overseas call. > > Is there any way, other than switching to Linux, to prevent this? > Do any firewall products prevent programs from accessing the modem? > > Or should I just tell them to place a linux box between their phone line and > their windows box?
A better one is to put a pin number in the toll access method. An effective firewall / gateway is:- http://ipcop.sf.net/ It runs well on an old '386 or '486 needs 12 Megs ram & ~125 Megs disk. This is a genuine criminal virus / worm / what's-its-name. Some friends of mine got hacked by this one about 18 months ago. The bill they got was for some hundreds of dollars to a 0900 number somewhere in the USA. Telecom lets their customers off this particular charge as it is not enforceable in the courts. There is the legal argument that the telecom provider is an accessory to the crime. Those particular crackers got caught with a bank balance of over $US1,000,000 and are now doing time to reflect on the wisdom of their actions. Evidentally either somebody else has recreated the 'sploit, or the original team have done sufficient time and are at it again. Told the police? They or their Interpol collegues would be interested. The hack is via a exploit in the java engine. The crims upload a java applet to the targetted machine. It then silently drops the connection and re-connects to the 0900 number somewhere or other in USA. I don't think the targetted machine has to visit a particular web site - just be online with the vulnerable browser. Upgrade to something other than IE. -- Sincerely etc. C.
