Telephone access to computers and other hardware is grown over the years. Paralleling this is also the growth in illegal access. The reasons for this illegal access range from outright piracy to vandalism by current or ex-employees. Many times simply finding an open modem presents an open challenge to hacker groups, which often results in the intentional or unintentional corruption of some files.
The requirement for caller authentication crosses every size of business and every industry line. Some of the main requirements for caller authentication in today's world are:
- Secure access to data collection devices.
- Securing maintenance ports. Security is also a part of many other CPS remote access products.
- Preventing potential exposure of the corporate LAN to unauthorized access through a "back-door" modem port on a LAN connected device.
- To add hardware to current password system to meet the requirement for "Two Factor Authentication".
CPS manufactures a number of different dial security products that are primarily used to AUTHENTICATE the caller and deny access to unauthorized callers.
These products are based on three primary methods of authentication:
- The Challenge Response Concept
The CHALLENGER FAMILY of hardware security products connect to the analog side of the operative modems and operate on a LOCK and KEY principle. Any call to a modem with a LOCK connected to it, is challenged for the presence of the proper matchbox-sized user KEY connected to the caller's modem. Unauthorized calls and nuisance calls, without the proper KEY are defeated in less than ½ second. They are also never recorded as modem answered calls by war dialers or other monitoring systems. The encrypted challenge changes with each call. It may be used as a stand-alone authentication system or with current password systems for "two-factor authentication". It is 100% transparent to the hardware/software and to the user making it extremely easy to use while being very effective.
To hear the response to an unauthorized Challenger call, dial (770) 945-7479 between 6:00 PM and 8:00 AM EST.
- The Caller ID Security Concept
Caller ID was not developed for the purpose of providing dial line security, but with the proper hardware at the receiving end, it can be used for that purpose. It is not considered to be a high security approach, but is probably adequate for many requirements.
It has the cost advantage of not requiring any additional hardware at the calling locations. All that is required is buying the service from the local phone company and the appropriate CID recognition hardware at the receiving location. Its disadvantage is that it is not mobile. Calls must be made from the same, or a limited number of different locations.
- Touch-Tone Passwords
Touch-Tones are the most economical method of accessing a secure system because no hardware or other means of identification is required at the caller's end. But like other passwords, they are the most easily compromised and they place the greatest burden on the caller (remembering them and missing entries). The burden increases with the number of digits required.
However, reducing the number of digits also reduces the efficiency of the protection device. As an example, a two digit numeric touch access code yields only 100 different combinations, four digits yield 10,000 combinations, six digits 1,000,000 combinations, and eight digits 100,000,000 combinations; add the * and the # sign or other sign on requirements and the numbers increase.
Nevertheless, Touch-Tone passwords do have their place. We recommend them for "pest control" in applications where they are used to simply screen out wrong numbers or low-level hacker attempts on relatively unimportant data or remote AC power or reset control lines. Higher level passwords (more digits) are normally used in modem applications where the password digits can be appended to a preset AT dial command.
Sometimes the most obvious security methods are overlooked. Most security experts agree that the best security is to simply disconnect the targeted device or to turn it off. Many times this is not practical, but for devices that are seldom used, why keep them connected all of the time.
CPS’s AC power control products can meet the ON/OFF objective or use any of the LAN or DSL broad band disconnect devices below. You can also keep the analog part of the connection running, if necessary, while disconnecting the LAN or the broad band spectrum of a DSL line.
Some of the products listed below include a combination of methods.
- Comparison Chart
Controls the physical connection of a DSL line through a relay (Enable/Disable). Control is initiated "out of band" by a standard analog phone call ( Provides controlled access to your remote systems via touch-tones. land or cell) to the "DSL Enabler" on the DSL line. Learn More
External hardware switch that connects to the modem and the LAN. It breaks the LAN connection any time the modem is in use (inbound or outbound). It prevents LAN access through a dial modem connection. It is oriented toward PC clients and Servers that have both modem and LAN connections. External box or wall plate.Learn More