IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Threats Catalogue Deliberate Acts Remarks<br />

____________________________________________________________________ .........................................<br />

T 5.38 Misuse of remote inquiry<br />

If third parties get to know the access code of an answering machine, they can<br />

use the remote inquiry to abuse a large number of the functions of the<br />

answering machine. <strong>The</strong> most sensitive functions which can be accessed and<br />

therefore abused with remote inquiry are:<br />

- Room monitoring<br />

<strong>The</strong> room monitoring function activates the microphone of the answering<br />

machine, thus bugging the room. A fact that should be mentioned is that<br />

very few types of answering machine clearly indicate bugging by an<br />

acoustic signal, the standard indicator only consists of one LED.<br />

If this function is activated in an abusive manner during the absence of the<br />

called party, an activated monitoring of the room will not be noticed after<br />

the called party returns. All conversation inside that room will be bugged<br />

without being noticed.<br />

- Unauthorised monitoring or deletion of stored messages<br />

Incoming messages can be monitored (without authorisation) and also<br />

deleted. <strong>The</strong> consequential damage depends on the sensitivity of the<br />

recorded information.<br />

- Modifying or deleting of stored outgoing messages<br />

Some types of answering machine allow the deletion of the outgoing<br />

message by a remote inquiry, thus putting the answering machine out of<br />

action. It is also possible to confuse callers by specific incorrect<br />

information.<br />

- Modification of stored call numbers used for the call-transfer or callforwarding<br />

mode<br />

<strong>The</strong> facility call-notification makes the answering machine dial a preset<br />

telephone number automatically after receiving a call. If the called<br />

subscriber responds, a particular acoustic signal or reminder text is sent by<br />

the answering machine to indicate that a call has been recorded. Some<br />

answering machines then automatically replay the recorded call. Mostly<br />

however, the replaying of the call has to be activated by first entering a<br />

security code. In the call-forwarding mode, the calling party is routed to a<br />

preset telephone number.<br />

On deactivation of the call notification or call-forwarding mode, these<br />

functions will not be executed any more, this means that the user can no<br />

longer be notified of important calls. By re-programming these functions, it<br />

is possible to re-route calls arbitrarily, e.g. to an information service with<br />

charges.<br />

- Re-winding and fast-forwarding a tape<br />

Some answering machines with an analogue recording unit allow a remote<br />

fast-forwarding or re-winding of the tape. Fast-forwarding the tape to the<br />

end prevents the recording of subsequent calls. Re-winding the tape causes<br />

the messages already recorded to be erased by subsequent ones.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!