[IDS] HCD_PSTN_Fax_Enabled attribute

[IDS] HCD_PSTN_Fax_Enabled attribute

[IDS] HCD_PSTN_Fax_Enabled attribute

Brian Smithson brian.smithson at ricoh-usa.com
Sat Aug 15 00:36:40 UTC 2009


>
> In my previous experience with government agencies,
> the primary concern about PSTN Fax was that it could be
> used *from a compromised system or by a rogue walkup
> user* to export documents and system configuration
> information invisibly, i.e., w/out passing through a firewall
> and w/out any chance of detection by smart routers
> (ones with embedded firewalls).
Also know as "sending a fax"?


My understanding of the concern about PSTN fax modems is that someone
could establish a data session on the fax modem through which they gain
access to the customer network, circumventing the firewall. But I have
never heard of any actual exploits, nor even the technical possibility
of an exploit, so I consider it to be an irrational fear. I guess its
easier to visualize someone sneaking things past a firewall through a
fax modem than it is to visualize something like XSS or SQL injection  :-).

--
Regards,
Brian Smithson
PM, Security Research
PMP, CSM, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435



Ira McDonald wrote:
> Hi Randy,
>
> Not that I know of.
>
> In my previous experience with government agencies,
> the primary concern about PSTN Fax was that it could be
> used *from a compromised system or by a rogue walkup
> user* to export documents and system configuration
> information invisibly, i.e., w/out passing through a firewall
> and w/out any chance of detection by smart routers
> (ones with embedded firewalls).
>
> Cheers,
> - Ira
>
> Ira McDonald (Musician / Software Architect)
> Chair - Linux Foundation Open Printing WG
> Blue Roof Music/High North Inc
> email: blueroofmusic at gmail.com
> winter:
>   579 Park Place  Saline, MI  48176
>   734-944-0094
> summer:
>   PO Box 221  Grand Marais, MI 49839
>   906-494-2434
>
>
>
> On Thu, Aug 13, 2009 at 9:55 PM, Randy Turner<rturner at amalfisystems.com> wrote:
>   
>> Are there any documents on the internet that you guys know about that
>> describe existing attack vectors on PSTN/Analog Fax lines?
>>
>> Randy
>>
>>
>> On Aug 13, 2009, at 6:44 PM, Ira McDonald wrote:
>>
>>     
>>> Hi Randy,
>>>
>>> It's not that we don't care about IFax.
>>>
>>> It's that all forms of Internet Fax have protocols and IP
>>> ports that would be reported in HCD_Firewall_Setting.
>>>
>>> But many businesses and government agencies ALSO
>>> want to close the "back door" of PSTN Fax.
>>>
>>> Cheers,
>>> - Ira
>>>
>>> Ira McDonald (Musician / Software Architect)
>>> Chair - Linux Foundation Open Printing WG
>>> Blue Roof Music/High North Inc
>>> email: blueroofmusic at gmail.com
>>> winter:
>>>  579 Park Place  Saline, MI  48176
>>>  734-944-0094
>>> summer:
>>>  PO Box 221  Grand Marais, MI 49839
>>>  906-494-2434
>>>
>>>
>>>
>>> On Thu, Aug 13, 2009 at 9:02 PM, Randy Turner<rturner at amalfisystems.com>
>>> wrote:
>>>       
>>>> Hi All,
>>>>
>>>> When we came up with this attribute, we include PSTN in the name, which
>>>> means we only care about PSTN fax, and not internet-fax options such as
>>>> T.38
>>>> or other fully capable iFax features.
>>>> Did we mean to do this? We only care about PSTN? Which I assume to mean
>>>> analog fax?
>>>>
>>>> Randy
>>>>
>>>>
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>>> _______________________________________________
>>>> ids mailing list
>>>> ids at pwg.org
>>>> https://www.pwg.org/mailman/listinfo/ids
>>>>
>>>>         
>>     
>
>   

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ids/attachments/20090814/44f983f1/attachment-0001.html>


More information about the ids mailing list