 |
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
 |
|
|||||||||||
 |
 |
 |
 |
|
|||||||||
 |
 |
|
|||||||||||
|
 |
Network Penetration Services |  |
|
PBX Security |  |
|
||||||
 |
 |
 |
|
 |
|
||||||||
|
Network Vulnerability Assessment | Voice Mail Security | |
||||||||||
|
|
|
|
|
|
||||||||
 |
Wireless Security | RAS Security | |
||||||||||
|
|
|
|
|
|
||||||||
|
Telecoms Security | |
|
||||||||||
|
|
|
|
|
|
||||||||
|
|
||||||||||||
|
|
|
|
|
|
||||||||
|
|
||||||||||||
|
|
|
|
|
|
||||||||
|
|
||||||||||||
 |
|
||||||||||||
 |
 |
 |
|
 |
|
||||||||
RAS Security Dial in systems are commonly required for home workers, remote maintenance and branch offices. These may be PSTN, ISDN or VPNs built using Internet connectivity. Such points of dial in access to corporate networks may constitute weak links in the perimeter. Illicit modems may be installed on phone lines by staff hoping to evade the restrictions imposed by corporate firewalls. These points may not be properly authorised or controlled and may be used to provide dial in access to work machines. Legacy systems with integrated dial in access may be forgotten due to poor documentation and maintenance. Risks Dial in systems can provide illicit access to internal IT systems leading to leakage of information and backdoors into the corporate network. Advantages RAS security services can assist in enumerating dial in systems and discovering risk to business from unprotected systems. Telecom and IP based dial in systems are located using a combination of simple automated and manual methods. Specific points of access are located for example VPN access points and telephone numbers used for dial in systems. Weaknesses can then be discovered and risks mitigated. |
