|
Initiation responsibility: IT Security Management, Administrators
Implementation responsibility: Administrators
Many communication cards offer an automatic callback function. If this function is active and the communication card receives a call, it waits for a connection to be established successfully, then closes it down again immediately, and calls a preset number back. This prevents unauthorised callers from misusing a remote port as long as access is not possible via a preset number. Callback should be used whenever a specific communications partner needs to dial in automatically. It should be noted that automatic callback also accepts the costs of data transfer.
ISDN offers a variant of callback to a specific subscriber number: Using Calling Line Identification Presentation (CLIP), the addressed ISDN card identifies the source of the call request and compares the forwarded subscriber number with a table of subscriber numbers. If a valid subscriber number was forwarded via CLIP, the corresponding number stored in the table is called back.
An advantage here, compared with authentication exclusively via CLIP/COLP (refer to S 5.48 Authentication via CLIP/COLP), is that even if an unauthorised subscriber feigns an authorised call number, the call request is refused because the unauthorised subscriber cannot be accessed via the specified callback number.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |