North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: A modest proposal
On Tue, 17 Sep 1996, Sean Donelan wrote: > >Tracking down hacked machines would be quicker. Sometimes you might > >be able to track back to the source where you could pull the ANI > >or callerid information out of the radius accounting logs and have > >someone knocking on their door. You only have to do this for 1 in 10 > >attacks before rumors spread around the hacker community and it stops. > > I hate to tell you, but ANI and caller-id can be spoofed too. *AND* phone calls can be hijacked midstream which has been used to take over dialin terminal connections *AFTER* the password has been given. Not that different in effect from hijacking a TCP/IP session that uses one-time passwords. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: [email protected] - - - - - - - - - - - - - - - - -
|