Protecting Dial-Up Access
- Do not leave a modem in auto-answer mode; war-dialers can find your modem.
- Modems should hang up after logout to prevent hang-up hooking.
- Modems should reset to the default configuration at the end of each call to prevent remote programming of the modem.
Notes:
There are a few basic guidelines for protecting modems. They include:
- Never leave a modem in auto-answer mode. If a modem needs to be in auto-answer mode (e.g., for field service calls), turn it on when it is needed and shut it off when it is not needed. If you require 24/7 auto-answer, be aware of the risk and isolate that computer if at all possible.
- Modems should be configured to log out a user after the connection is dropped and to drop the connection after the user logs out. This prevents an attack known as hang-up hooking, in which an attacker causes an interruption in a valid user's connection and then quickly dials back to the modem on the same number and "continues" the interrupted session.
- Configure the modem so that it resets to your site's default modem configuration at the end of each call. This prevents an attacker from connecting to the modem, changing the modem's settings, and dialing back in to take advantage of the changes.
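One way to check a modem against the three guidelines above, as an added example that is not part of the original notes. It assumes a Hayes-compatible modem with the typical meanings of S0, &C and &D (confirm them in your modem's manual); the settings dumps are constructed samples, and `parse_profile` and `audit` are hypothetical helper names.

```python
import re

# Constructed samples of an AT&V-style settings dump (layout varies by modem).
SAMPLE_WEAK = """ACTIVE PROFILE:
E1 Q0 V1 X4 &C0 &D0 &K3
S00:001 S02:043 S07:060
"""
SAMPLE_HARDENED = """ACTIVE PROFILE:
E1 Q0 V1 X4 &C1 &D3 &K3
S00:000 S02:043 S07:060
"""


def parse_profile(text):
    """Return ({'&C': 1, ...}, {0: 1, ...}) for &-commands and S-registers."""
    amp = {"&" + k: int(v or 0) for k, v in re.findall(r"&([A-Z])(\d*)", text)}
    sreg = {int(r): int(v) for r, v in re.findall(r"\bS(\d+)[:=](\d+)", text)}
    return amp, sreg


def audit(text):
    """Return a list of findings; an empty list means all three checks pass."""
    amp, sreg = parse_profile(text)
    findings = []
    # Guideline 1: S0 is the ring count before answering; 0 disables auto-answer.
    if sreg.get(0) != 0:
        findings.append("auto-answer enabled or unknown (want S0=0)")
    # Guideline 2a: &C1 makes carrier detect follow the line, so the host
    # sees a dropped call and can log the user out.
    if amp.get("&C") != 1:
        findings.append("carrier detect does not track the line (want &C1)")
    # Guideline 2b: &D2/&D3 make the modem hang up when the host drops DTR
    # at logout.
    dtr = amp.get("&D")
    if dtr not in (2, 3):
        findings.append("DTR drop does not hang up the call (want &D2 or &D3)")
    # Guideline 3: &D3 also reloads the stored profile on DTR drop; with
    # &D2 the host has to send ATZ itself after every call.
    if dtr != 3:
        findings.append("no reset at end of call (want &D3 or a host-issued ATZ)")
    return findings


if __name__ == "__main__":
    for name, dump in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(dump) or "OK")
```

The reset check only helps if the stored profile is itself the site default, so audit the stored profile as well as the active one.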