S 5.49 Callback based on CLIP/COLP
Initiation responsibility: Administrator, IT Security Officer
Implementation responsibility: Administrator
Many communication cards offer an automatic callback function. If this function is enabled and the communication card receives a call, it waits for a connection to be established successfully, then closes it down again immediately, and calls a preset number back. This prevents unauthorised callers from misusing a remote port as long as access is not possible via a preset number. Callback should be used whenever a specific communications partner needs to dial in automatically. It should be noted that automatic callback also accepts the costs of data transfer.
ISDN offers a variant of callback to a specific subscriber number: Using the ISDN function Calling Line Identification Presentation (CLIP), the addressed ISDN card identifies the source of the call request and compares the forwarded subscriber number with a table of subscriber numbers. If a valid subscriber number was forwarded via CLIP, the corresponding number stored in the table is called back.
An advantage here, compared with authentication exclusively via CLIP/COLP (see S 5.48 Authentication via CLIP/COLP), is that even if an unauthorised subscriber feigns an authorised call number, the call request is refused because the unauthorised subscriber cannot be accessed via the specified callback number.
Review questions:
- Is callback used whenever a specific communications partner needs to be able to dial in automatically?
- Are the numbers stored in the table of numbers checked regularly for up-to-dateness and necessity?