Telephone Dial Security

• Lock and Key Security
• Two-Factor Authentication
• Touch-Tone Passwords

Telephone access to computers and other hardware is growing exponentially. Paralleling this is also the growth in illegal access. The reasons for this illegal access range from outright piracy to vandalism by current or ex-employees. Many times simply finding an open modem presents an open challenge to hacker groups, which often results in the intentional or unintentional corruption of some files.

The requirement for caller authentication crosses every size of business and every industry line. Some of the main requirements for caller authentication in today's world are:

1. Access by customers, sales personnel, telecommuters, or anyone requiring authorized access.

2. Securing maintenance ports. This is the fastest growing requirement. As such, Security is also a part of many CPS remote access products.

3. Preventing exposure of the corporate LAN to unauthorized access as well as to unscrupulous web sites that may be accessed by unknowing or uncaring employees.

4. To add hardware to current password system to meet the requirement of "Two Factor Authentication".

These products are based on three primary methods of authentication:

• The Challenge Response Concept
  The CHALLENGER FAMILY of hardware security products connect to the analog side of the operative modems and operate on a LOCK and KEY principle. Any call to a modem with a LOCK connected to it, is challenged for the presence of the proper matchbox-sized user KEY connected to the caller's modem. Unauthorized calls and nuisance calls, without the proper KEY are defeated in less than ½ second. They are also never recorded as modem answered calls by war dialers or other monitoring systems. The encrypted challenge changes with each call. It may be used as a stand-alone authentication system or with current password systems for "two-factor authentication". It is 100% transparent to the hardware/software and to the user making it extremely easy to use while being very effective.

• The Caller ID Security Concept
  Caller ID was not developed for the purpose of providing dial line security, but with the proper hardware at the receiving end, it can be used for that purpose. It is not considered to be a high security approach, but is probably adequate for 90% of the requirements.

  It has the cost advantage of not requiring any additional hardware at the calling locations. All that is required is buying the service from the local phone company and the appropriate CID recognition hardware at the receiving location. Its disadvantage is that it is not mobile. Calls must be made from the same, or a limited number of different locations.

• Touch-Tone Passwords
  Touch-Tones are the most economical method of accessing a secure system because no hardware or other means of identification is required at the caller's end. But like other passwords, they are the most easily compromised and they place the greatest burden on the caller (remembering them and missing entries). The burden increases with the number of digits required.

  However, reducing the number of digits increases the risk of being hacked. As an example, a two digit numeric touch access code yields only 100 different combinations, four digits yield 10,000 combinations, six digits 1,000,000 combinations, and eight digits 100,000,000 combinations; add the * and the # sign or other sign on requirements and the numbers increase.

  Nevertheless, Touch-Tone passwords do have their place. We recommend them for "pest control" in applications where they are used to simply screen out wrong numbers or low-level hacker attempts on relatively unimportant data or remote AC power or reset control lines. Higher level passwords (more digits) are normally used in modem applications where the password digits can be appended to a preset AT dial command.

$150.00 pair $79.00 each	CHALLENGER P2 Matchbox-sized units. For smaller or widely dispersed dial networks. A "quick fix" for maintenance ports or to secure entire enterprises. The MASTER LOCK is used to program auxiliary units locally or remotely.
$225.00 set $82.50 each	04/2005 CHALLENGER P3 Field programmable hardware security system for larger multi-location applications. A "quick fix" for maintenance ports or to secure entire enterprises.
$175.00 set $99.00 each	CHALLENGER P2 Bi-LEVEL ACCESS SYSTEM (P2 BAS) Hardware security system for maintenance modems or any secure groups application that also requires Secure MASTER LEVEL Access.
$1195.00 and up	STANDARD CHALLENGER 19" rack mount "central site" system. Secures up to 64 lines. The KEYs also have user ID numbers for audit or disable purposes. RS-232 port provides great audit reports.
$295.00	TELCO LINE TO COMPUTER INTERFACE  (TLC) Provides modem security using CHALLENGER KEYs or CALLER ID. An RS-232 port provides great detailed reports. It is also used to program the authorization numbers into the unit. It may also simply be used for detailed audit reports.
$135.00	CHALLENGER TT Touch-Tone password security unit. Up to eight numeric digits. Answers the line and waits for the Touch-Tone password. Hides modems from war-dialers.
$159.00	CONTROLLED ACCESS SWITCH  (CAS) Provides controlled access to your remote systems via touch-tones.
$85.00	MINI FIREWALL External hardware switch that connects to the modem and the LAN. It breaks the LAN connection any time the modem is in use (inbound or outbound). It prevents LAN access through a dial modem connection. It is oriented toward PC clients and Servers that have both modem and LAN connections. External box or wall plate.
$125.00	ENFORCER External switch that operates similarly to the Mini Firewall except, that it requires execution of software (normally a virus or audit program) prior to re-establishing the LAN.