North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Denial of service attacks apparently from UUNET Netblocks
On Tue, 7 Oct 1997, Mike Diehn wrote: > On Tue, 7 Oct 1997, Eric Wieling wrote: > > > On Tue, Oct 07, 1997 at 01:03:14AM -0400, Charles Sprickman wrote: > > > I would not be surprised if the caller's phone number were logged, most > > > modern modem banks talk ANIS and DNIS, which if I'm remembering correctly > > > is basically caller ID. I'm thinking of putting this on our POP, as there > > > doesn't seem to be an extra charge to get the data from the telco. > > > > Unless you are using CallerID authentication, the Ascend MAXes do not > > log the caller's number. I assume that the TNT's have the same > > problem. > > Hmmmm.... I have a few Ascend Max 400Xs using PRI T-1s for ISDN dialup > and they log ANI, DNIS and a slew of other session specific info to > LOCAL4. We don't use CallerID authentication. > > Here's an example of a single ISDN session, sanitized info is in braces. > > {Date Time FQDN} ASCEND: slot 0 port 0, line 1, channel 6, Incoming Call, {10-DIGIT-ANI} > {Date Time FQDN} ASCEND: slot 9 port 4, Assigned to port, {10-DIGIT-ANI} > {Date Time FQDN} ASCEND: call 50 AN slot 9 port 4 64K {7-DIGIT-DNIS} > {Date Time FQDN} ASCEND: slot 9 port 4, LAN session up, {USERNAME} > {Date Time FQDN} ASCEND: call 50 CL 0K u={USERNAME} c=2 p=65 > {Date Time FQDN} ASCEND: slot 9 port 4, line 1, channel 6, Call Disconnected > {Date Time FQDN} ASCEND: slot 9 port 4, Call Terminated > {Date Time FQDN} ASCEND: slot 0 port 0, LAN session down, {USERNAME} > {Date Time FQDN} ASCEND: call 50 CL 0K > > Now, I don't know if the analog modems in maxen will log this inf. > or not, but it's worth knowing that a max can do it for some types > of calls. One question, "can't the sender (aka the person initiating the call) forge the ANI information?" I know on a cisco (1003 series) it will croak if this is incorrect, but what about an Ascend or other ISDN device? Unless things have changed I don't think the TELCO's in the USA guarantee the ANI is correct. bye, ken emery
|