Modems

Modems may provide a back-door to a network, bypassing the network router or firewall. For instance, a Windows PC may be left running a program such as PC-Anywhere, a Unix computer with a fax modem on a serial line may allow incoming calls, or other devices such as PBX controllers or diagnostic equipment may be left with a non-existant or weak password.

The modem number need not be published to be vulnerable; there are programs capable of dialling hundreds of numbers an hour looking for a dial tone, working from the assumption that modem lines to a business probably use the same exchange as voice lines.

Vulnerabilities in Unix systems may be exploited in the usual way if access is gained, while it may be possible to plant viruses/trojans in Windows PCs or run Windows-based packet sniffers. Either operating system may be used to bypass domain-based access control on other systems by originating traffic from within the site.

Up to Security Page

A.Daviel