I agree-- call back system is reasonable. In case due to some constraint
you can not put a callback system ( user dialing from multiple location etc
etc ) you can use reverse proxy allowing the user to connect to a specific
port thru reverse proxy. You can setup a RAS on a different network ( say
192.168.*.*) and allow the reverse proxy to do the job. Thats reasonable.
Debasis Sengupta
"Christian Freas"
<ChrisF@fairbanksca To: "Chris Berry"
<[EMAIL PROTECTED]>,
pital.com> <[EMAIL PROTECTED]>
cc:
06/11/02 02:17 AM Subject: RE: Modem Security
You're making this more complicated than it needs to be. The simplest and
most secure method is to use a callback system
-----Original Message-----
From: Chris Berry [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 07, 2002 2:08 PM
To: [EMAIL PROTECTED]
Subject: Modem Security
I think I've got my internet connection security coming together, but
I'm worried about a potential back door. I have one worker who absolutely
has to have a modem to contact the legacy system our billing service
uses. What bothers me is that someone might get clever and use a war
dialer to find this number and try and hack their way around my secure
gateway. I'd like to make this more difficult or at least have some way
to contain the damage. Does anyone have any ideas? I thought of possibly
putting a linux box configured as a firewall between her and the rest of
the network, but I'd have to have alot of ports open to allow all the
services she'll need so I don't know if that would even help much.
