FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 07-25-2008, 08:27 PM
"James B. Byrne"
 
Default Securing serial ports - fax modems

I have already deployed a fax server and am about to deploy a backup
system for this host at our off-site facility. It struck me that I have
given no thought to securing the serial port to unauthorized access. The
modem is a Multi-Tech MT5634ZBA which supports data as well as fax. So
this poses the same type of risk, if not to the same degree, as an ssh or
telnet port but without the availability of a firewall to throttle
repeated unsuccessful connection attempts.

Are there any recommendations on what should be done in this circumstance
or am I fretting unduly?

Regards,

--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2008, 09:25 PM
Scott Silva
 
Default Securing serial ports - fax modems

on 7-25-2008 1:27 PM James B. Byrne spake the following:

I have already deployed a fax server and am about to deploy a backup
system for this host at our off-site facility. It struck me that I have
given no thought to securing the serial port to unauthorized access. The
modem is a Multi-Tech MT5634ZBA which supports data as well as fax. So
this poses the same type of risk, if not to the same degree, as an ssh or
telnet port but without the availability of a firewall to throttle
repeated unsuccessful connection attempts.

Are there any recommendations on what should be done in this circumstance
or am I fretting unduly?

Regards,

If the system doesn't answer the data attempts, you should only have to worry
if someone can send a crafted bit of data that will trigger a buffer overflow
when the "fax image" is processed. I haven't heard of one, though.


You might be able to turn off the modems ability to answer any capabilities
but fax, and Class 1 fax AFAIR doesn't support a data channel. Only Class 2.0.


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 02:30 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org