Check or Attack Name: Active Modem

An active modem driver was detected. This situation only occurs when the modem is in use, or when the modem driver program is active. Modems can be a sign of an unauthorized channel around your firewall. Attackers can use the modem to circumvent network security.

The modem must not be active while the computer is attached to the network. You may want to minimize the impact of a security breach caused by unauthorized modem use by limiting which machines trust the computer using the modem.

If using a modem on the network is required, configure all Remote Access Setup ports so that the port usage can dial-out only. Verify that your dial-out network configuration protocols match exactly the protocols you need to access the remote network. Review share permissions and account security to verify that the file system is not accessible from a remote location.