[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] OT - How secure is ISDN?
Although you may get a dedicated curcuit from your location to the local telco, beyond that it is not a "True" dedicated curcuit. It is possible for a PHREAKER to jump between curcuits if he knows what he is doing. But this is very rare. We have a "dedicated" T1 running about 300 miles. I cannot go out to the road and say "This wire is my T1." We have all of our external lines firewalled. -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Mark L. Decker Sent: Friday, October 20, 2000 12:23 PM To: 'Ivan Fox'; 'Fw1-Wizards (E-mail)'; 'fw-1-mailinglist (e-mail)' Subject: RE: [FW1] OT - How secure is ISDN? ISDN is as secure (or insecure, depending on your level of paranoia) as any regular modem connection. I think security in the telephone network itself is fairly good. The phone company central office where the ISDN switch is located is a pretty secure facility. Highly unlikely that some hacker is going to get into the CO with the equipment needed to sniff. ISDN is as susceptible to "tapping" as any phone line for the portion of the connection that travels in public space (on telephone poles, etc), but not many hackers would go to the trouble of actually physically placing a tap. Because it is a circuit-switched medium, the data channel is reserved entirely for your use (like a private leased line), not shared with other user's data. The real risk with ISDN, in my opinion, is the end-points, not the circuit itself. War-dialing intrusion attempts could be made against the remote-access server that terminates the ISDN call. Or if the remote site is not physically secure, the client's machine could be owned and used to gain entry via the ISDN link. At a minimum, make sure any remote access server is OUTSIDE the firewall. Dedicated (nailed-up) ISDN circuits (like Pacific Bell's Centrex ISDN service) are a more secure than on-demand dial, since a hacker can't connect to a number that's busy all the time. However, if the connection is hung up for some reason, the door is open again. Many ISDN routers allow you to use CHAP authentication to verify the calling device, which helps a lot. Mark L. Decker Rainfinity [email protected] <mailto:[email protected]>-----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Ivan Fox Sent: Tuesday, October 17, 2000 8:01 PM To: Fw1-Wizards (E-mail); fw-1-mailinglist (e-mail) Subject: [FW1] OT - How secure is ISDN? This question may have been asked many many times! Am I correct/right to say that data travel through ISDN, no matter it is dedicated or not, is not "unsecured". Data can be sniffed by third parties. There is a need to deploy "firewall" for it. Your pointers/comments/suggestions are appreciated. Thanks, ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== http://www.primeinc.com ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please reply to the sender of the message. The views expressed in this correspondence may not reflect the views of Prime, Inc. This footnote also confirms that this email message has been scanned for the presence of computer viruses. *********************************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|