Re: Prevent modems rather than detect them (Was: tool for detect modems in a lan)

["Steve" <securityfocus () delahunty com>]

Most phone systems that are eithe Key Systems or PBXes provide digital lines
to the jacks, not analog.  So your typical analog modem will not work.  The
person could go so far as to purchase a digital to analog converter, but I
would not see that as being the normal case.  You could also ensure that not
all voice jacks are cross connected back to the PBX/Switch, so someone would
have to unplug their desk phone to use the jack and the digital/analog
converter.  All in all not very likely case.


----- Original Message ----- 
From: "Alessandro" <a.bottonelli () infinito it>
To: <security-basics () securityfocus com>
Sent: Sunday, January 25, 2004 9:02 AM
Subject: Prevent modems rather than detect them (Was: tool for detect modems
in a lan)


Inspired by the previous thread, I am asking myself (but my experience of
telephony is way too outdated to answer my own question...): do "modern"
(whatever that means) private exchanges have a feature to distinguish
between
true voice calls/fax AND data calls? If so, one could just configure them to
block data calls whether inward or outward.

Another way to prevention would be to provide non-standard telephone lines
to
the desktops. I once worked for a company where the extensions where
provided
with digiltal lines that where proprietary. No ISDN TAs and no analog modems
would work.

The other side of the coin is of course... money. Non standard telephone
terminals are probably going to be more expensive than standard ones, but
you
may end up spending less money than chasing modems throughout a large
organization and with more peace of mind that your company security policies
are enforced (at least on this particular modem issue).

-- 
Alessandro Bottonelli
CISSP & BS 7799 Lead Auditor
www.axis-net.it






---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------