Risk of communicating via modems 2

[barkerj]

What are the potential security threats of transferring files via modem?
People out in the field often use their mobile phone to gain a connection to a PC on our LAN. Connected to this PC is a modem. On the PC we have third party software that uses a proprietory protocol which uses checksums and CRC checks on packets of incoming data. This third party software is set up in such a way so that it knows where to pick up outgoing files and where to place incoming files. Despite the protocol,
1) Is it still possible for attackers to gain access to the files on the PC and
2) Is there a threat of interception or modification for the files we send over the line?

 

[vop]

1) Gaining access to your PC - consider the following:

Do you have a fixed (static) IP address or dynamic address? If it is static, a hacker could probe for visible ports, over extended periods of time, in an attempt to find open or accessway doors and for vulnerability profiling purposes. With a dynamic (changing) IP, they may hit upon you today and subsequently never find you again.

Some ports clearly telegraph the existance of a particular application type (open port 21=FTP, for instance) or, worse still, a particular program. By guessing or finding out the application in question, you are then inviting possible successful automated password cracking attempts especially in the case of words found in the dictionary. Ports can be opened, closed or stealth (undetectable). A router on a high speed connection tends to hide ('stealth') the majority of your ports (by default) causing technical barriers that require expertise to open or functionalize such ports.

Mostly stealth is the ideal standard for security issues. You can test your port vulnerabilities at the following test URL:

https://www.grc.com/x/ne.dll?bh0bkyd2

Most particularly, test 'Common Ports' and 'All Service Ports' options. Investigate any ports that show as open or closed (these can become vulnerable portals because their existence is visibly determinable). Accordingly, consider using a software firewall such as ZoneAlarm (and/or router as a NAT hardware firewall) in order to control what can get into and out of your computer, and to mostly 'stealth' those apps at your discretion.

You can also monitor and observe the opening and closing of ports by using the following DOS command:

netstat 5 (the number is the reporting interval in seconds)



2)threat of file interception or modification:

If such material is sensitive, you would be wise to encript send all such transmissions (e.g. for FTP) and/or set up a virtual private network (VPN) - a secure tunnel setup.



In summary, control your port and content transmission visibility and put a traffic cop over what can come and go from your system. You may, also, want to hire a security expert to try to penetrate (audit) your present setup and to recommend (further and particular) courses of action.

 

[chiph]

Probably not too many people doing this anymore, but hackers used to use war-dialers that would dial every phone number in an exchange, looking for modems that pick up. Once they've identified a phone number as belonging to a modem, they would then probe the connection to determine what operating system or program was controlling the other end. After they have that info, they are able to launch attacks that are specific to that OS and/or program. It's even possible for them to launch a brute-force attack if the password-check algorithm gives them unlimited tries.

So, this vulnerability isn't anything new. You would just perform the usual security lock-down on it -- require strong passwords, limit retries (lock the account after x-number of tries), turn the modem off when not needed, etc.

There is a very real possibility of eavesdropping. If a hacker has control of a phone switch somewhere they are able to use the built-in wire-tapping interface to listen in on the calls (the restriction for the police is procedural, not technical). I would encrypt any data sent across the connection using AES or a similar algorithm (I wouldn't use DES -- it can be broken in about a day).

Chip H.


If you want to get the best response to a question, please check out FAQ222-2244 first