S 5.49 Callback based on CLIP/COLP

Initiation responsibility: IT Security Management, Administrators

Implementation responsibility: Administrators

Many communication cards offer an automatic callback function. If this function is active and the communication card receives a call, it waits for a connection to be established successfully, then closes it down again immediately, and calls a preset number back. This prevents unauthorised callers from misusing a remote port as long as access is not possible via a preset number. Callback should be used whenever a specific communications partner needs to dial in automatically. It should be noted that automatic callback also accepts the costs of data transfer.

ISDN offers a variant of callback to a specific subscriber number: Using Calling Line Identification Presentation (CLIP), the addressed ISDN card identifies the source of the call request and compares the forwarded subscriber number with a table of subscriber numbers. If a valid subscriber number was forwarded via CLIP, the corresponding number stored in the table is called back.

An advantage here, compared with authentication exclusively via CLIP/COLP (refer to S 5.48 Authentication via CLIP/COLP), is that even if an unauthorised subscriber feigns an authorised call number, the call request is refused because the unauthorised subscriber cannot be accessed via the specified callback number.

Additional controls:

• Has payment of costs in the callback mode been clarified?

• When were preset call numbers last checked?