 |
|
 |
|
 |
|
Information
Security Inc. |
 |
|
|
| |
CounterMeasures
Inc. offers a wide range of information
security services to clients. Whatever your security
need
may be, we can provide you with the tools needed
for the job. |
|
|
|
| Modem
Vulnerability Identification |
| Who's
slipping in the back door undetected? |
| Modems
represent an alternate method
of connecting to your corporate
network and its systems. As
such, they are outside the monitoring
capability of the Internet firewall(s),
and often have little or no
audit trail or logging capability
on the system to which they
are connected. Additionally,
the sheer quantities
of modems used in your company
can be difficult to manage from
both audit and security perspectives.
|
| Network
security is typically achieved
by minimizing access points,
installing firewalls and using
strong authentication (i.e.
token cards) as a means to authenticate
valid remote users. However,
the continuing increase in speed
of modems, a telecommuting-based
employee force, temporary contractors,
and employees who are unaware
of the increased risk these
devices present to the company
works against your audit and
security efforts to secure your
corporate systems and network
resources. |
| You're
probably already familiar with
the 80/20 threat. 80% of the
threat to the integrity of your
systems and information is from
the inside (employees, contractors,
vendors.) A significant security
breach from the inside can be
dealt with quietly and is fairly
easy to contain. However, the
20% threat is dangerous in that
it's an intrusion from the outside,
difficult to contain, and often
ends up on the newspapers' headlines...
destroying investor and client
confidence in the victim company. |
| Modem
identification and vulnerability
assessment is one of Countermeasures
specialties. |
| Through
the years, we've seen about
every time of modem used for
every possible type of connection
to a system imaginable. True
modem hunting -- the 'bagging
and tagging' of dialups, is
not for amatures, and we stress
caution to anyone who would
hire just any consulting firm
for this service. Many firms
are relatively new to this arena
and use software which is still
not mature or in development
stage - unproven. They'll use
it to dial your modem lines
and claim they know where every
vulnerability is. But missed
line... a single missed vulnerability,
can be disasterous to your company. |
| Sure,
we run those programs. But when
it comes to dialups, today,
nothing can substitute for good
old-fashioned manual 'look &
see' in combination with a mechanized
scan. We fully exercise each
system found with a modem on
it. And the audit report you
get back by this method will
be reliable and will accurately
identify vulnerable modems and
the systems connected to them.
|
|
|
|
We'll
provide you a comprehensive report which will
enable your staff to minimize the exposures. Each
and every vulnerability found - and subsequently
secured - will reduce the opportunity of intruders.
From our perspective, this is time and effort
well-spent, and every dollar of your budget which
goes in this direction is a wise investment. |
|
|
|
|
|
|
|
|
|
|
