HylaFAX The world's
most advanced open source fax server
|
|
[
Date Prev][
Date Next][
Thread Prev][
Thread Next]
[
Date Index]
[
Thread Index]
Re: Security Question
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, 2 Dec 1998, Guy Pelletier wrote:
> http://www.sisis.de/hylafax/
>
> Although one thing that we have done is:
> In the Solaris AdminTool we have setup up the faxing port where service
> enable is not enabled (this disables getty for that port).
> Not disabling this, conflicts with HylaFAX which manages the port itself
> with it's own process.
>
> Guy
>
> ----------
>
> and finally his reply to which I have no answer ...
>
> ----------
>
> Guy;
> Unfortunately I do not have the time to research the HylaFax product
> that you would like to use. Do you have someone there that is familiar with
> the product and can explain to me what the security features are to prevent
> non-fax access.
>
> ----------
Hi. I do some security and network consulting, as well as writing some
of the patches for HylaFAX and running several modest modem pools
myself. HylaFAX is fax/modem freeware, and is therefore extremely
flexible and powerful but is not a security system. As an incidental
use (and a very handy one) it negotiates data connections to the local
"getty" similar to that provided through UUCP and most other data
modem handling systems.
It is a simple matter to select a more secure getty for default use,
in the "setup.cache" file or when running the "faxsetup" script to
install HylaFAX, to select an invalid getty or more secured getty. It
is also possible to lock the modems into "fax only" mode by
configuring them correctly, or to configure the system to run an
extra challenge-response by putting a wrapper on your local getty,
or to set up "dialback" behavior. These are not generally built-in, and
would require some local configuration and double-checking to make
sure they did precisely what you want.
Nico Kadel-Garcia
Senior Engineer, CIRL
Mass. Eye and Ear Infirmary
raoul@cirl.meei.harvard.edu
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNmVvMT/+ItycgIJRAQH+9AP8CPv2F6oTwhMA+Hw339S/liGmOxlgBKUE
pmS7FD4DAJiEqvYqVjNr0lwJk6h7P1HAaYbRRy1+vyLB2esrLpLgDLRwc8X0GXrp
vboApq1YlZNRmGFyYe6or6rJOtL/osEpaPV9ikMqkJ0WFagrPsKUTrDQoalLTY62
rKP0KxcUgKI=
=05qf
-----END PGP SIGNATURE-----