Security Management Guide (G06.24+, H06.03+)

Concerns for the System Administration Team
Security Management Guide 522283-008
dial-up users) can call USER_AUTHENTICATE_ without consulting $CMON and thus
deny $CMON the opportunity to provide additional authentication or auditing.
Additional External Passwords
Some systems demand an additional systemwide password during the dial-up logon
sequence. The system password is roughly the dial-up equivalent of allowing physical
access to the main work site. Inform legitimate users of the current system password
through some means of limited distribution. Change the password periodically to
lessen the chance of intrusion.
Call-Back Routine
A call-back routine allows the system to authenticate a caller’s telephone location
before permitting the caller to access the system. The steps in a typical dial-up
procedure are:
1. The user phones the computer.
2. The computer (or call-back authentication device) answers.
3. The user enters authentication information that uniquely identifies the user.
4. The computer terminates the connection and then calls the user back at a
prearranged phone number.
5. The user (or the user’s modem) answers, reestablishes modem connections, and
then continues the logon sequence.
Because the list of phone numbers for any particular user is limited and prearranged,
the chances for intrusion are limited. A logon attempt is unsuccessful when initiated
from a telephone number not on the prearranged list.
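The following model runs the five-step procedure above and also enforces the second point from the product-selection list that follows: a further credential is demanded after the return call connects. It is an added illustration, not code from the Security Management Guide or any HP product; the users, location codes, phone numbers and passwords are constructed sample data, and the `answer` callable stands in for whatever modem (and person) picks up the return call.

```python
"""Model of a dial-up call-back authentication sequence (added example)."""
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Optional
import hashlib
import hmac


class Outcome(Enum):
    REJECTED_UNKNOWN_USER = "unknown user"
    REJECTED_BAD_LOCATION = "location code not on prearranged list"
    REJECTED_NO_ANSWER = "no modem answered the return call"
    REJECTED_POST_CALLBACK_AUTH = "authentication after call-back failed"
    ACCEPTED = "logon sequence may continue"


def hash_password(password: str) -> bytes:
    # Plain SHA-256 keeps the model short; a real system would use a salted,
    # deliberately slow password hash.
    return hashlib.sha256(password.encode()).digest()


@dataclass
class DialupUser:
    # location code -> prearranged phone number. The caller only ever supplies
    # the code (step 3); the number dialled always comes from this table.
    prearranged: dict
    password_hash: bytes


class CallbackAuthenticator:
    def __init__(self, users: dict, require_post_callback_auth: bool = True):
        self.users = users
        self.require_post_callback_auth = require_post_callback_auth
        self.audit: list = []  # one line per decision, for later review

    def handle_call(self, user_id: str, location_code: str,
                    answer: Callable[[str], Optional[str]]) -> Outcome:
        """Steps 2-5 for one incoming call. ``answer(number)`` simulates
        dialling ``number`` back and returns the password typed at whichever
        terminal answers, or None if nobody answers."""
        user = self.users.get(user_id)
        if user is None:
            return self._reject(user_id, Outcome.REJECTED_UNKNOWN_USER)

        number = user.prearranged.get(location_code)
        if number is None:
            return self._reject(user_id, Outcome.REJECTED_BAD_LOCATION)

        # Step 4: hang up on the caller and dial the prearranged number.
        self.audit.append(f"{user_id}: hung up, calling back {number}")
        supplied = answer(number)
        if supplied is None:
            return self._reject(user_id, Outcome.REJECTED_NO_ANSWER)

        # Step 5: after reconnecting, require a further credential. Without
        # this, whoever is sitting at the called-back terminal is logged on.
        if self.require_post_callback_auth and not hmac.compare_digest(
                hash_password(supplied), user.password_hash):
            return self._reject(user_id, Outcome.REJECTED_POST_CALLBACK_AUTH)

        self.audit.append(f"{user_id}: accepted via {number}")
        return Outcome.ACCEPTED

    def _reject(self, user_id: str, outcome: Outcome) -> Outcome:
        self.audit.append(f"{user_id}: rejected ({outcome.value})")
        return outcome


# Constructed sample data: one user with two prearranged sites.
USERS = {
    "alice": DialupUser(
        prearranged={"home": "555-0101", "branch": "555-0102"},
        password_hash=hash_password("correct horse"),
    ),
}


def phone_network(number: str) -> Optional[str]:
    # Constructed: alice's home modem answers and she types her password; the
    # branch-office modem auto-answers and a bystander there types a guess.
    return {"555-0101": "correct horse", "555-0102": "letmein"}.get(number)


def demo() -> dict:
    strict = CallbackAuthenticator(USERS)
    lax = CallbackAuthenticator(USERS, require_post_callback_auth=False)
    return {
        "alice_home": strict.handle_call("alice", "home", phone_network),
        "alice_wrong_code": strict.handle_call("alice", "branch", phone_network),
        "unlisted_code": strict.handle_call("alice", "hotel", phone_network),
        "unknown_user": strict.handle_call("nobody", "home", phone_network),
        "lax_wrong_code": lax.handle_call("alice", "branch", phone_network),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome.value}")
```

The `alice_wrong_code` and `lax_wrong_code` cases show the failure mode the guide warns about: a mistyped location code sends the return call to another prearranged site, and only the post-call-back check keeps the bystander who answers there from being logged on.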
In selecting a call-back product, consider these points:
• Choose a product that uses a different phone line to call back. Products that use the same phone line for incoming and outgoing phone calls can be subverted. Even with separate incoming and outgoing phone lines, no call-back routine is totally secure (because of protocol limitations between modems and phone company equipment). Do not rely on a call-back routine as the only means of authentication.
• Have additional authentication take place after the phone connection is reestablished. For example, if the user selects the wrong location code, the return call goes to another site, where a waiting modem automatically connects with the computer. If no additional authentication is required, any person near that terminal can access the system.
• Make special provisions for rovers. A rover is a dial-up user who has no permanent location (computer service personnel, callers who dial out through PBX systems, and so forth). To accommodate legitimate rovers, provide a standard dial-up port