Remote Serial Console HOWTO
Prev	Chapter 9. Security	Next

9.12. Interception of telephony links

Modems calls over telephones can be intercepted. This can be an issue if you do not trust a telecommunications carrier in your call's path, or do not trust the law enforcement agencies that may request interception facilities from that carrier.

International calls are particularly exposed. Calls which are routed across satellite or wireless links can be intercepted by readily-available radio receivers. Calls routed across undersea links are much more expensive to intercept, so this is probably limited to national governments, such as those using the Echelon system.

If you do not pass sensitive data over the link, then the major exposure is typing in your user name and password. Look into S/KEY or look into OPIE and its related An OPIE for PAM.

These one-time password systems have flaws, a good summary of these is Vulnerabilities in the S/KEY one time password system by Peiter ‘mudge’ Zatko.

	Interception-defeating key material
	Possessing cryptographic key material, such as a one-time password generator or list of one-time passwords, which intended to defeat legislatively-permitted interception is a serious criminal offense in some countries. You must acquiant yourself with the laws in your jurisdiction and the laws of jurisdictions you may travel through.

Interception-defeating key material

Possessing cryptographic key material, such as a one-time password generator or list of one-time passwords, which intended to defeat legislatively-permitted interception is a serious criminal offense in some countries.

You must acquiant yourself with the laws in your jurisdiction and the laws of jurisdictions you may travel through.

Prev	Home	Next
Log attempted access	Up	Configuring a kernel to support serial console