Ask the Expert

Security issues associated with LAN and PSTN lines

If a Windows 2000 PC is connecting to both LAN and PSTN lines, what security issues will arise?

There are a two major security issues:

1. The unauthorized use of the PSTN to circumvent your LAN based Internet security policy

2. The ability of the PC to be connected to by an external host, thus providing the means to bypass your firewalls and get access to your internal network

In the first, the problem is that the user can simply dial up an ISP if they want to access content that your organization has decided to block. This can provide a means for viruses, worms and other malicious traffic to enter your network without your knowledge. In the second, this allows an external attacker to potentially "call" the computer and if it is running any kind of remote access software (for example, PC Anywhere) they could potentially gain access to the computer and thus have a machine on the internal network with which to launch their attacks.

In general, I recommend disallowing all PSTN, dial-up and analog access from the internal network. In the event that you have to provide such access though, I would ensure the following:

  • The computer is not running any kind of remote access software (i.e. PC Anywhere)
  • All inbound and outbound analog and PSTN access must go through a PBX firewall (such as www.securelogix.com), allowing you to restrict not only what numbers can be called, but what numbers can call in.

  • This was first published in June 2005

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: