T 5.39 Infiltrating computer systems via communication cards

A communication card (e.g. an ISDN card or an internal modem, but also an external modem) may automatically answer incoming calls. Depending on the communication software used and its configuration, it is then possible for an attacker to unobtrusively gain access to the connected IT system.

A communication card may be used to connect an external computer to a server as a terminal. If the user logs out at the end of a terminal session, but the line is maintained, an external computer may gain access similarly to using a local terminal. This way, third parties with access to this computer may test user IDs and passwords. It is far more dangerous if the connection is interrupted, but the user is not automatically logged out from the remote system. In this case, the next caller may continue working using this user ID without having to register himself/herself. This way, this user has complete access to the IT system without any identification and authentication.