RAS (Remote Access Service)
One way in which unauthorized people can get into an otherwise well-protected network is by finding a client workstation whose user has set it up with a modem for RAS access at night or while away from the office on business. If the user can dial up and gain access to this workstation, theyll have access to the same network resources that the user has access to when sitting directly in front of their computer at the office. All the Internet security in the world, to keep people from getting to your servers through the front door, cant protect against a well-meaning, hard-working employee setting up RAS on their workstation and leaving the modem turned on, creating a back door into your network.
Each user can be granted or denied access for RAS availability. Each user should be assigned a strong password and this password should be changed on a frequent basis. Continuing on the same topic, look into not echoing or remembering the last users login name.
Given that username, an unauthorized person has half of the key (the other half being the password) if they call your server. If your firm is using TCP/IP, deny ports not actively used by the users.
Home - Table Of Contents - Contact Us
CertiGuide for Network+ (http://www.CertiGuide.com/netplus/) on CertiGuide.com
Version 1.0 - Version Date: November 7, 2004
Adapted with permission from a work created by Tcat Houser and Helen O’Boyle.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.