Archives
  Columns
  Features
  Print Archives
1994-1998
  Special
  BYTE Digest
  Michael Abrash's Graphics Programming Black Book
  101 Perl Articles
  About Us
  How to Access BYTE.com
  Write to BYTE.com
  Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE   REGISTER
Visit the home page Browse the four-year online archive Download platform-neutral CPU/FPU benchmarks Find information for advertisers, authors, vendors, subscribers Request free information on products written about or advertised in BYTE Submit a press release, or scan recent announcements Talk with BYTE's staff and readers about products and technologies

ArticlesStranger Danger

September 1995 / Features / You CAN Take It with You / Stranger Danger

As more people gain access to the enterprise, the risk to network security increases, and WAN administrators must constantly strike a balance between connectivity and security. No security measure is foolproof, but there are steps you can take to minimize the risks.

As a rule, digital technologies are more secure than analog. Much to the chagrin of some federal agencies, the emergence of digital telecommunications technology has thwarted standard wire-tapping techniques. Recently, the FBI expressed frustration at its inability to tap ISDN circuits.

Given time, there is little doubt that the FBI, and others perhaps less honorable, will develop methods to trap digital data. Meanwhile, corporate data running over dig ital links remains relatively secure.

ISDN has additional security available through ICLID (Incoming Caller IDentification). With ISDN, call setup messages contain the numbers of the calling and called parties. Network devices can be programmed to check the ICLID and reject connection attempts from unauthorized telephone numbers. LAN administrators must realize that ICLID information only indicates that the correct line is being used--it does not validate the user.

No matter what security measures are inherent in the technology you choose, continue to take more mundane defenses seriously. Passwords are a good first line of defense for keeping unauthorized remote users away from network services. However, password protection should be used only in combination with other security measures.

Authentication, based on Kerberos or internal codes created in WAN devices, is also valuable for WAN security.

Callbacks are another popular form of security for both analog and digital services. T he user calls in, is validated, and is disconnected. The network then calls back the validated user. Besides providing security, callbacks can be a helpful tool for billing purposes.

There is also the possibility of unauthorized access through a telecommuter's workstation. The solutions here are much the same as those for the corporate environment. The workstation can be password-protected. Automatic log-ins should be prohibited.

Restricting physical access to the workstation at home is more difficult than in the office, but it can be done.

Up to the Features section contentsGo to previous article: You CAN Take It with YouSearchSend a comment on this articleSubscribe to BYTE or BYTE on CD-ROM  
Flexible C++
Matthew Wilson
My approach to software engineering is far more pragmatic than it is theoretical--and no language better exemplifies this than C++.

more...

BYTE Digest

BYTE Digest editors every month analyze and evaluate the best articles from Information Week, EE Times, Dr. Dobb's Journal, Network Computing, Sys Admin, and dozens of other CMP publications—bringing you critical news and information about wireless communication, computer security, software development, embedded systems, and more!

Find out more
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE Volume 1: Programming Languages
The Best of BYTE
Volume 1: Programming Languages
In this issue of Best of BYTE, we bring together some of the leading programming language designers and implementors...

Copyright © 2005 CMP Media LLC, Privacy Policy, Your California Privacy rights, Terms of Service
Site comments: webmaster@byte.com
SDMG Web Sites: BYTE.com, C/C++ Users Journal, Dr. Dobb's Journal, MSDN Magazine, New Architect, SD Expo, SD Magazine, Sys Admin, The Perl Journal, UnixReview.com, Windows Developer Network