[IDS] HCD_PSTN_Fax_Enabled attribute

[IDS] HCD_PSTN_Fax_Enabled attribute

Ira McDonald blueroofmusic at gmail.com
Fri Aug 14 14:56:23 UTC 2009 

Hi Randy,

Not that I know of.

In my previous experience with government agencies,
the primary concern about PSTN Fax was that it could be
used *from a compromised system or by a rogue walkup
user* to export documents and system configuration
information invisibly, i.e., w/out passing through a firewall
and w/out any chance of detection by smart routers
(ones with embedded firewalls).

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Chair - Linux Foundation Open Printing WG
Blue Roof Music/High North Inc
email: blueroofmusic at gmail.com
winter:
  579 Park Place  Saline, MI  48176
  734-944-0094
summer:
  PO Box 221  Grand Marais, MI 49839
  906-494-2434



On Thu, Aug 13, 2009 at 9:55 PM, Randy Turner<rturner at amalfisystems.com> wrote:
>
> Are there any documents on the internet that you guys know about that
> describe existing attack vectors on PSTN/Analog Fax lines?
>
> Randy
>
>
> On Aug 13, 2009, at 6:44 PM, Ira McDonald wrote:
>
>> Hi Randy,
>>
>> It's not that we don't care about IFax.
>>
>> It's that all forms of Internet Fax have protocols and IP
>> ports that would be reported in HCD_Firewall_Setting.
>>
>> But many businesses and government agencies ALSO
>> want to close the "back door" of PSTN Fax.
>>
>> Cheers,
>> - Ira
>>
>> Ira McDonald (Musician / Software Architect)
>> Chair - Linux Foundation Open Printing WG
>> Blue Roof Music/High North Inc
>> email: blueroofmusic at gmail.com
>> winter:
>>  579 Park Place  Saline, MI  48176
>>  734-944-0094
>> summer:
>>  PO Box 221  Grand Marais, MI 49839
>>  906-494-2434
>>
>>
>>
>> On Thu, Aug 13, 2009 at 9:02 PM, Randy Turner<rturner at amalfisystems.com>
>> wrote:
>>>
>>> Hi All,
>>>
>>> When we came up with this attribute, we include PSTN in the name, which
>>> means we only care about PSTN fax, and not internet-fax options such as
>>> T.38
>>> or other fully capable iFax features.
>>> Did we mean to do this? We only care about PSTN? Which I assume to mean
>>> analog fax?
>>>
>>> Randy
>>>
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>> _______________________________________________
>>> ids mailing list
>>> ids at pwg.org
>>> https://www.pwg.org/mailman/listinfo/ids
>>>
>>
>
>

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the ids mailing list