[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] OT - How secure is ISDN?
Personally that sounds a little to anal to be considering how secure an isdn line is vs any other service. Make sure your using good passwords, strong encryption across vpns and be safe. I don't see every POS running across secure lines, i don't see infomercials telling people how to encrypt there homeline so when they order something over the potts phone they won't have to worry about hackers. If you don't believe in use of the public networks then i hope to god you have one end of the copper at each one of your secure points. If you believe ISDN has any more security risks or any less then your in for it. You would limit yourself out of 95% of the networking topology if you didn't want to pass traffic through a public network. Even t1's are terminated at your local co and often framed up to the other co and then carried over to your demark. best advice, not worry about how secure the telco is, worry about how secure your router, firewall and company policies are. If someone is breaking into the CO and listening in or wire tapping then that is the least of your worries as that would effect an industry much bigger than anyone who would use an ISDN line. (meaning the average cracker/phreaker who has the knowlledge to hack into a co and re-route traffic wouldn't screw with shmo joe's isdn line). And about people stealing your circuit, almost impossible if you use bidrectional authentication on the terminal servers. (verify on spids and username/password ((caller id). And again, if your passing over any pubic network, spend the money and run a vpn to secure your traffic. (That includes people running frame relay or point to point, your hitting a public network at one point unless your afford your own circuits) -byron not to be rude, but there is a difference between being secure and paranoid. Just balance out what your paranoid about, make policies on the rest and be insured :) -----Original Message----- From: Ed Davidson [mailto:[email protected]] Sent: Friday, October 20, 2000 2:15 PM To: [email protected] Subject: RE: [FW1] OT - How secure is ISDN? Although you may get a dedicated curcuit from your location to the local telco, beyond that it is not a "True" dedicated curcuit. It is possible for a PHREAKER to jump between curcuits if he knows what he is doing. But this is very rare. We have a "dedicated" T1 running about 300 miles. I cannot go out to the road and say "This wire is my T1." We have all of our external lines firewalled. -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Mark L. Decker Sent: Friday, October 20, 2000 12:23 PM To: 'Ivan Fox'; 'Fw1-Wizards (E-mail)'; 'fw-1-mailinglist (e-mail)' Subject: RE: [FW1] OT - How secure is ISDN? ISDN is as secure (or insecure, depending on your level of paranoia) as any regular modem connection. I think security in the telephone network itself is fairly good. The phone company central office where the ISDN switch is located is a pretty secure facility. Highly unlikely that some hacker is going to get into the CO with the equipment needed to sniff. ISDN is as susceptible to "tapping" as any phone line for the portion of the connection that travels in public space (on telephone poles, etc), but not many hackers would go to the trouble of actually physically placing a tap. Because it is a circuit-switched medium, the data channel is reserved entirely for your use (like a private leased line), not shared with other user's data. The real risk with ISDN, in my opinion, is the end-points, not the circuit itself. War-dialing intrusion attempts could be made against the remote-access server that terminates the ISDN call. Or if the remote site is not physically secure, the client's machine could be owned and used to gain entry via the ISDN link. At a minimum, make sure any remote access server is OUTSIDE the firewall. Dedicated (nailed-up) ISDN circuits (like Pacific Bell's Centrex ISDN service) are a more secure than on-demand dial, since a hacker can't connect to a number that's busy all the time. However, if the connection is hung up for some reason, the door is open again. Many ISDN routers allow you to use CHAP authentication to verify the calling device, which helps a lot. Mark L. Decker Rainfinity [email protected] <mailto:[email protected]>-----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Ivan Fox Sent: Tuesday, October 17, 2000 8:01 PM To: Fw1-Wizards (E-mail); fw-1-mailinglist (e-mail) Subject: [FW1] OT - How secure is ISDN? This question may have been asked many many times! Am I correct/right to say that data travel through ISDN, no matter it is dedicated or not, is not "unsecured". Data can be sniffed by third parties. There is a need to deploy "firewall" for it. Your pointers/comments/suggestions are appreciated. Thanks, ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== http://www.primeinc.com ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please reply to the sender of the message. The views expressed in this correspondence may not reflect the views of Prime, Inc. This footnote also confirms that this email message has been scanned for the presence of computer viruses. *********************************************************************** ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|