SUMMARY: modem security

From: CAD SYSTEM (jliu@splus.com)
Date: Wed Feb 08 1995 - 03:52:33 CST


Hi,

  The original question is :

> I have set up a dialup modem for my company. But my boss ask me to set a security for it.
> I remembered that there is so called modem pool(?) which has the feature.
> What I want to do is when a user dialin from home, The modem support software will record the phone number,
> check/comfirm the user's name, passwd, etc. then dial back to set the connection.
>
> Is it possible to setup like this? If yes, How should I do it and where can I get the software (public domain/
> commerical)?
>

I have received serveral responses. Most of them recommended the commerical product called
TermServ, and then CoSecure. But there is no public domain software.

Attached is the responses.
----------------------------
We use a commercial product called TermServ which is available for a variety
of Unix platforms. It does call-back to valid phone numbers, dual passwords
(upon login and call-back) can be used, all login activity can be logged as
well as accounting for phone bills (number, time and duration of call), users
can be restricted access at particular hours/days etc. I recommend it. Prices
start at $495.

Contact Los Altos Technologies, Inc. in California for more information:

                phone (415) 988 4848
                fax (415) 988 4860
                email info@lat.com
        

You can also find freeware software, but it is buggy and doesn't have the
same features. With the commercial product you can be up and running within
an hour (when your modem has already been set up for dial-in and dial-out).

Best regards

Paul Hostrup-Jessen

Department of Electronic Data Processing
Unix system administration

Bruel & Kjaer A/S
DK-2850 Naerum
DENMARK

email: phj06@bk.dk

---------------------------------------------------------
>From Sotirios.Magoufis@analog.com Fri Feb 3 02:16:42 1995
Date: Fri, 3 Feb 1995 10:15:29 GMT
From: Sotirios Magoufis <Sotirios.Magoufis@analog.com>
To: jliu@splus.com
Subject: Re: modem security
X-Sun-Charset: US-ASCII
Content-Length: 1118

Hi Jeffrey,

I have implemented exactly what you are asking for about two years ago.

        
        I used a solution offered by motorola codex ( I am sure other companies
        have similar solutions) based on 326FAST modems and their 9110 dial
        management system (PC version). When a user calls the base modems,
        he attaches a numerick password at the and of the dialling No.
        The dial management software makes sure that the modems answer the phone
        in quite mode, confirm the password and then dialback the number
        coresponding to the password.

        This is working fine for the last two years. In the past few months
        I have connected the base modems on to an ANNEX terminal server
        and introduced some extra security and extra features like SLIP
        and PPP.

        Also I noticed now that most modems have the dial back facility as
        standard in a much simpler format which is fine for a small number of users.

        If you need more information about the implementation please call call me.
        
        I would also be very interested in evaluating other public domain software.
        So if you do get any responses please email a summary.

Sotirios

---------------------------------------
>From gmp@adc.com Fri Feb 3 06:57:17 1995
Date: Fri, 3 Feb 95 08:55:46 CST
From: gmp@adc.com (Gregory M Polanski)
To: jliu@splus.com
Subject: Re: modem security
Content-Length: 2100

Hi

We have a modem pool in my department. A set of modems are connected
to an Annex 3 terminal server. The terminal server provides serial
connections up to 57.6K. The modem pool means that several phones
'roll over' so a single number is used for dial in, but several lines
are assigned to the number.

The terminal server includes passwords too.

The first level of security is dial back modems. The caller enters
an ID, and the modem dials back. This is OK for users that have
fixed telephone numbers.

        Multitech, via First Rep, Gary Isaacson, 612-944-2097
                has modems that dial back. They can be
                rack mounted or individual modems.

Gary Isaacson First Rep, Multitech 612-944-2097
Gary Isaacson First Rep, Multitech 612-944-8483 FAX
Tech Support voice MultiTech 1-800-972-2439 (voice)
Tech Support BBS MultiTech 785-3702

The second level of security is a product called SECURE ID.
It is a box that goes between the modems and the terminal server.

Each user has a credit card that has a 6 digit number that changes
every minute. The user uses the number as authentication.
Dial back is not necessary. So this supports users that travel
around the country.

Wayne Nelson Security Dynamics 617-547-7820

greg

greg_polanski@adc.com

 ---------------------------------------
>From jayl@lattice.com Fri Feb 3 11:01:11 1995
Date: Fri, 3 Feb 95 10:47:50 PST
From: jayl@lattice.com (Jay Lessert)
To: jliu@splus.com
Subject: Re: modem security
Content-Length: 354

We use a commercial product, TermServ, from Qualtrak Corporation.
408-748-9500. Works very well. Straightforward to configure,
very flexible.

--
Jay Lessert                                         jayl@lattice.com
Lattice Semiconductor Corp.                    (voice)1.503.681.0118
Hillsboro, OR, USA                               (fax)1.503.693.0540



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:15 CDT