on 7-25-2008 1:27 PM James B. Byrne spake the following:
If the system doesn't answer the data attempts, you should only have to worry if someone can send a crafted bit of data that will trigger a buffer overflow when the "fax image" is processed. I haven't heard of one, though.I have already deployed a fax server and am about to deploy a backup system for this host at our off-site facility. It struck me that I have given no thought to securing the serial port to unauthorized access. The modem is a Multi-Tech MT5634ZBA which supports data as well as fax. So this poses the same type of risk, if not to the same degree, as an ssh or telnet port but without the availability of a firewall to throttle repeated unsuccessful connection attempts. Are there any recommendations on what should be done in this circumstance or am I fretting unduly? Regards,
You might be able to turn off the modems ability to answer any capabilities but fax, and Class 1 fax AFAIR doesn't support a data channel. Only Class 2.0.
-- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
