Re: Is modem sharing available in SBS 2003?
- From: "Rick F" <rick.REMOVE@xxxxxxxxxxxxxxxx>
- Date: Thu, 2 Jun 2005 21:05:17 -0500
Gary,
I am on your side. Having a modem for dialing into a financial firm like a
bank is still used today (I have several clients that the bank only accepts
wire transfers that way). The is no security risk when you consider the
modem is not configured to auto-answer. A modem is more secure than any
broadband connection with I don't care how many bits of encryption for a
VPN. A modem is a direct one-to-one relationship between you and the bank,
with no chance in hell that a hacker on the Internet is going to get
through. It was merely removed because MS no longer wanted to support it or
lack of interest. I've been using ModemShare as an alternative and having
good results.
--
Rick Faria - MCSE / A+
RDF Technical Services - www.rdfts.com
Email: support at rdfts dot com
"Gary Karasik" <gkarasik@xxxxxxx> wrote in message
news:%23%23VSFY5ZFHA.3120@xxxxxxxxxxxxxxxxxxxxxxx
>I find nothing in the security assessment that doesn't also apply to
>broadband. Done properly, dialing in to a financial institution is safer
>than going in by broadband. The procedures suggested in the aritcle you
>cite support that. Which comes back to my point (which is hardly worth all
>this back-and-forth, so I'll let this drop now): Microsoft's rationale for
>removing the shared modem service is bogus.
>
> GaryK
>
> "Bob Genestet" <bob_genestet@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:u0$CKP4ZFHA.2916@xxxxxxxxxxxxxxxxxxxxxxx
>>I never said they were not allowed to be used, I said they are considered
>>a security risk.
>> http://www.ffiec.gov/ffiecinfobase/booklets/information_security/information_security.pdf
>> Happy reading.
>>
>> Bob
>>
>> "Gary Karasik" <gkarasik@xxxxxxx> wrote in message
>> news:OBLYoA4ZFHA.3712@xxxxxxxxxxxxxxxxxxxxxxx
>>> My point is not that there aren't security risks (to which external
>>> connections aren't there?). My point is that, like so many of their
>>> stated rationales for the things they do, the stated rationale for
>>> getting rid of shared modem service--it's a security risk--is bogus.
>>> Certainly a centrally administered shared service where the admin can
>>> control which numbers can be dialed and where the resulting connection
>>> goes through the same security as the centrally administrered broadband
>>> connection--is as secure as you're going to get.
>>>
>>> I'm interested in the FDIC, OCC and State banking regulators
>>> restrictions you cite. I can't find any reference to them. Can you tell
>>> me where you find those?
>>>
>>> GaryK
>>>
>>> "Bob Genestet" <bob_genestet@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>>> news:OKb%23m32ZFHA.2980@xxxxxxxxxxxxxxxxxxxxxxx
>>>> It is definitely considered a security risk still today by some, more
>>>> specifically the FDIC, OCC, and State banking regulators. I may be
>>>> showing my age but modems were at the top of the hackers list as a
>>>> means of entry. Remember "war dialing" not to be confused with today's
>>>> "war driving" whose names are in reference to the 1983 movie "War
>>>> Games". Of course wireless "war driving" was not even conceived until a
>>>> couple years ago, although it is name goes back 20+ years.
>>>>
>>>> Thanks,
>>>> Bob
>>>>
>>>> "Gary Karasik" <gkarasik@xxxxxxx> wrote in message
>>>> news:%2319z9zvZFHA.2420@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> Thanks, Susan, but I don't buy it. In my experience, most people today
>>>>> need modem sharing not for surfing the web but for dialing in to
>>>>> financial institutions, some of which consider it a security risk to
>>>>> allow inbound broadband and will allow only dialup. Surely if security
>>>>> were the reason there would be an easy way for the admin to limit what
>>>>> numbers were being dialed.
>>>>>
>>>>> The "lack of demand" argument is probably closer to the truth although
>>>>> still not entirely honest. The marketing people, who see all features
>>>>> in terms of their value to sales, no doubt decided that this feature
>>>>> wouldn't drive any sales, and as there would be a cost to
>>>>> integrating/testing the code in the new product, decided the trade-off
>>>>> wasn't worthwhile.
>>>>>
>>>>> GaryK
>>>>>
>>>>> "Susan Bradley" <sbradcpa@xxxxxxxxxxx> wrote in message
>>>>> news:up1yrttZFHA.3356@xxxxxxxxxxxxxxxxxxxxxxx
>>>>>> Gary Karasik wrote:
>>>>>>
>>>>>>> That is interesting. I never heard that. How is modem sharing seen
>>>>>>> to be a security risk?
>>>>>>>
>>>>>>> GaryK
>>>>>>>
>>>>>>> "Matt Gibson" <mattg@xxxxxxxxxxxxxxx> wrote in message
>>>>>>> news:uYi5MJsZFHA.1448@xxxxxxxxxxxxxxxxxxxxxxx
>>>>>>>
>>>>>>>>No. It was removed, as it's a security risk.
>>>>>>>>
>>>>>>>>Matt Gibson - GSEC
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> Having your server [or any computer] have a direct modem connection
>>>>>> that can bypass the firewall is a risk.... forget the page in the
>>>>>> SEcurity guide that documents it... but it is.
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
.
- References:
- Is modem sharing available in SBS 2003?
- From: Bob Genestet
- Re: Is modem sharing available in SBS 2003?
- From: Matt Gibson
- Re: Is modem sharing available in SBS 2003?
- From: Gary Karasik
- Re: Is modem sharing available in SBS 2003?
- From: Susan Bradley
- Re: Is modem sharing available in SBS 2003?
- From: Gary Karasik
- Re: Is modem sharing available in SBS 2003?
- From: Bob Genestet
- Re: Is modem sharing available in SBS 2003?
- From: Gary Karasik
- Re: Is modem sharing available in SBS 2003?
- From: Bob Genestet
- Re: Is modem sharing available in SBS 2003?
- From: Gary Karasik
- Is modem sharing available in SBS 2003?
- Prev by Date: Re: 2nd server in network restrictions?
- Next by Date: Re: Backup Question for Rev Drive
- Previous by thread: Re: Is modem sharing available in SBS 2003?
- Next by thread: Message delivery N.D.R. 5.1.2
- Index(es):
Relevant Pages
|
|
