[ale] Encryprted External Modems
Bob Toxen
transam at verysecurelinux.com
Thu Dec 21 11:05:16 EST 2006
Wired phone lines rarely are tapped and it is a Federal felony (unless
the Guvment does it).
Encryption is your friend.
Even Windoze supports IPSec and SSH (PuTTY for SSH as someone else
already mentioned).
If it's only Windoze at one facility, put a Linux box in there with a
modem that they can connect to via modem. within this physically secure
environment. Then, have that Linux box connect to the server Linux box
via SSH or IPSec.
Bob Toxen
Just back from an on-site security project in Ireland
bob at verysecurelinux.com [Please use for email to me]
http://www.verysecurelinux.com [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
"Microsoft: Unsafe at any clock speed!"
-- Bob Toxen 10/03/2002
On Mon, Dec 18, 2006 at 06:49:22PM -0500, Christopher Fowler wrote:
> Most of my customers actually use Procom Plus. I use the word
> "Hyperterminal" to simply explain the concept of dialing into a system
> and getting access to a tty. To most of my customers (and sales reps)
> when I use that term it is understood what I mean. I prefer Minicom and
> use it on a weekly basis. On Linux of course.
>
> If this were both Linux I would simply crank out a middle man to do
> encryption on the link but since one end could be Windoze I don't want
> to touch it with a 10 ft pole.
>
> On Mon, 2006-12-18 at 17:48 -0500, John Mills wrote:
> > Christopher -
> >
> > I have had very poor experience with Hyperterminal. 'TeraTerm-Pro' is much
> > better, and free. See also 'PuTTY'. Either of them does SSH console
> > sessions out of MsWin. TeraTerm looks more like Hyperterminal and
> > shouldn't dismay a MsWin user. There are a few differences from HT in the
> > configuring controls, IIRC, but functionally they arrive about the same
> > spot. With the significant advantage that TeraTerm _works_. &8-)
> >
> > - Mills
> >
> > On Mon, 18 Dec 2006, cfowler wrote:
> >
> > > On the customer's desktop side the dial-up is not IP. I will be windoze
> > > running Hyperterminal calling the Linux side. That connection needs
> > > encryption too.
> > >
> > > On Mon, 2006-12-18 at 14:31 -0500, Pete Hardie wrote:
> > > > On 12/18/06, cfowler <cfowler at outpostsentinel.com> wrote:
> > > > > I have 2 linux boxes that need to dial each other and the tinfoil hat
> > > > > brigade is afraid someone will drop in on the PSTN connection. Can
> > > > > anyone suggest an encrypted modem we could use?
> > > >
> > > >
> > > > Are they worried about account info, or application info. If the
> > > > latter, ssh over the dialup connection should suffice.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list