Date: Thu, 20 Apr 95 19:38:16 EST
Sender: owner-online-news@marketplace.com
John Graham asked:
>He says that when one of our PCs on our internal
>(ethernet) network goes online, via a modem connection to
>an ISP, it opens up a way for someone on the outside to get
>into our internal business network. I know there are
>legitimate security concerns if we had our own dedicated
>internet server on our network and that it served as our
>access point into the Internet. But I thought that it was
>pretty much a one-way street if I log on thru an ISP via
>standard phone lines.

If you're running a terminal session, emulating something
like a VT-100 terminal, then you are safe (ignoring terminal
control characters in the data stream that may cause your
terminal window to blink).

If you're running a SLIP or PPP connection and are not
running TCP/IP server software on your workstation
(peer-to-peer services for FTP or NFS, for example), then
there is nothing local running to respond to malevolent
requests. Your PC is not likely running router or bridging
services and will not forward the bad bits on to other
internal devices.

In fact, if you are running TCP/IP support software like
WINSOCK for internal use and establish a SLIP or PPP
connection to an ISP at the same time, then your PC has
two IP addresses - one via the ethernet to the internal
network and one via the serial port to the ISP. I wonder if
it starts to smoke at this point.

>Is it possible for someone on the Internet to hack their
>way thru my ISP's server, up my phone line and modem into
>my PC, and then be able to get at my network drive and into
>our mainframe system?

I've always been more worried by slow Information
Technology department response to user requests for remote
access and the easy availability and low cost of software
like ARA and Timbuktu and Carbon Copy and Co/Session and PC
Anywhere and ... For less than $100 (even in Canadian
money), a frustrated user can take that modem line
(reluctantly given in response to repeated demands for
access to outside data sources) and turn it into a "work
from home when I want to" access port. And "since I'm the
only person who knows it's here, I don't need to worry too
much about passwords and stuff like that".

And it's inside the firewall! That's what scares me.
------------------------------------------------------------
Kevin Speicher The Globe and Mail
KSpeicher@GlobeAndMail.ca Canada's National Newspaper
Mir ist alles Wurst
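
The two conditions discussed in the message above (server software answering on the SLIP/PPP side, and the PC forwarding traffic on to the internal network) can be checked mechanically. This is an added example, not part of the original post; the host description, the addresses and the `assess` helper are constructed for illustration.

```python
import ipaddress

# Constructed sample host: a PC on the internal ethernet that also holds a
# PPP link to an ISP. All addresses and service names are made up.
SAMPLE_HOST = {
    "ip_forwarding": False,
    "interfaces": {
        "eth0": {"addr": "10.1.2.30", "side": "internal"},
        "ppp0": {"addr": "192.0.2.77", "side": "external"},
    },
    # (bind address, port, service) for every socket in LISTEN state
    "listeners": [
        ("10.1.2.30", 2049, "nfs"),  # bound to the ethernet address only
        ("0.0.0.0", 21, "ftp"),      # wildcard bind
    ],
}


def assess(host):
    """Return findings describing what the ISP side of the link can reach."""
    findings = []
    ifaces = host["interfaces"]
    external = {ipaddress.ip_address(i["addr"])
                for i in ifaces.values() if i["side"] == "external"}
    internal = sorted(n for n, i in ifaces.items() if i["side"] == "internal")
    if not external:
        return findings  # no outside link, nothing to assess
    for bind, port, service in host["listeners"]:
        addr = ipaddress.ip_address(bind)
        # A wildcard bind answers on every interface, including the PPP one.
        if addr.is_unspecified or addr in external:
            findings.append(f"{service} on port {port} answers on the external link")
    # Forwarding only matters when there is an internal network to forward to.
    if host["ip_forwarding"] and internal:
        findings.append("forwarding enabled: host routes between the ISP link and "
                        + ", ".join(internal))
    return findings


if __name__ == "__main__":
    results = assess(SAMPLE_HOST)
    for line in results or ["nothing answers on or forwards from the external link"]:
        print(line)
```

On a real workstation the listener list and forwarding flag would come from the operating system's own socket and routing tables rather than a hand-written dictionary.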