>> In my previous experience with government agencies,
> the primary concern about PSTN Fax was that it could be
> used *from a compromised system or by a rogue walkup
> user* to export documents and system configuration
> information invisibly, i.e., w/out passing through a firewall
> and w/out any chance of detection by smart routers
> (ones with embedded firewalls).
Also know as "sending a fax"?
My understanding of the concern about PSTN fax modems is that someone
could establish a data session on the fax modem through which they gain
access to the customer network, circumventing the firewall. But I have
never heard of any actual exploits, nor even the technical possibility
of an exploit, so I consider it to be an irrational fear. I guess its
easier to visualize someone sneaking things past a firewall through a
fax modem than it is to visualize something like XSS or SQL injection :-).
--
Regards,
Brian Smithson
PM, Security Research
PMP, CSM, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435
Ira McDonald wrote:
> Hi Randy,
>> Not that I know of.
>> In my previous experience with government agencies,
> the primary concern about PSTN Fax was that it could be
> used *from a compromised system or by a rogue walkup
> user* to export documents and system configuration
> information invisibly, i.e., w/out passing through a firewall
> and w/out any chance of detection by smart routers
> (ones with embedded firewalls).
>> Cheers,
> - Ira
>> Ira McDonald (Musician / Software Architect)
> Chair - Linux Foundation Open Printing WG
> Blue Roof Music/High North Inc
> email: blueroofmusic at gmail.com> winter:
> 579 Park Place Saline, MI 48176
> 734-944-0094
> summer:
> PO Box 221 Grand Marais, MI 49839
> 906-494-2434
>>>> On Thu, Aug 13, 2009 at 9:55 PM, Randy Turner<rturner at amalfisystems.com> wrote:
>>> Are there any documents on the internet that you guys know about that
>> describe existing attack vectors on PSTN/Analog Fax lines?
>>>> Randy
>>>>>> On Aug 13, 2009, at 6:44 PM, Ira McDonald wrote:
>>>>>>> Hi Randy,
>>>>>> It's not that we don't care about IFax.
>>>>>> It's that all forms of Internet Fax have protocols and IP
>>> ports that would be reported in HCD_Firewall_Setting.
>>>>>> But many businesses and government agencies ALSO
>>> want to close the "back door" of PSTN Fax.
>>>>>> Cheers,
>>> - Ira
>>>>>> Ira McDonald (Musician / Software Architect)
>>> Chair - Linux Foundation Open Printing WG
>>> Blue Roof Music/High North Inc
>>> email: blueroofmusic at gmail.com>>> winter:
>>> 579 Park Place Saline, MI 48176
>>> 734-944-0094
>>> summer:
>>> PO Box 221 Grand Marais, MI 49839
>>> 906-494-2434
>>>>>>>>>>>> On Thu, Aug 13, 2009 at 9:02 PM, Randy Turner<rturner at amalfisystems.com>
>>> wrote:
>>>>>>> Hi All,
>>>>>>>> When we came up with this attribute, we include PSTN in the name, which
>>>> means we only care about PSTN fax, and not internet-fax options such as
>>>> T.38
>>>> or other fully capable iFax features.
>>>> Did we mean to do this? We only care about PSTN? Which I assume to mean
>>>> analog fax?
>>>>>>>> Randy
>>>>>>>>>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>>>>> _______________________________________________
>>>> ids mailing list
>>>>ids at pwg.org>>>>https://www.pwg.org/mailman/listinfo/ids>>>>>>>>>>>>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ids/attachments/20090814/44f983f1/attachment-0001.html>