Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84; site amdahl.UUCP Path: utzoo!utcs!lsuc!pesnta!amdcad!amdahl!jre From: jre@amdahl.UUCP (Joe Eykholt) Newsgroups: net.unix-wizards,net.dcom Subject: Re: Dial Back isn't always secure Message-ID: <1226@amdahl.UUCP> Date: Mon, 4-Mar-85 19:43:08 EST Article-I.D.: amdahl.1226 Posted: Mon Mar 4 19:43:08 1985 Date-Received: Tue, 5-Mar-85 15:17:58 EST References: <112@hydra.UUCP> <8840@brl-tgr.ARPA> Distribution: net Organization: Amdahl Corp, Sunnyvale CA Lines: 25 Xref: utcs net.unix-wizards:11626 net.dcom:875 > > It occurs to me that a really good way to protect a dial-out > line from an autodialer is to order the line as a conventional line > with call forwarding, and to call forward the line to another modem. > In this way, the call will automagically forward to a different modem, > eliminating the possibility of hacking during the time window between > dialing and call pickup. > > -JCP- This sounds like a good solution. One possible way around this may be to call-forward another phone to the outgoing modem. I suspect that many exchanges will not call-forward a call that has already been forwarded once (to avoid forwarding forever). To further clarify by example: We have three lines A, B, and C. Line A is the autodialer line that will be used to call out on. It is forwarded to line B, to avoid callers when it is trying to dial out. Line C is some phone in the attacker's control. The attacker forwards line C to line A, and then calls line C from yet another phone. The call is forwarded only from C to A, not from C to A to B. -- Joe Eykholt [Opinions expressed by me are not necessarily held by any other entity.]