On Tue, 17 Sep 1996, Sean Donelan wrote:
Tracking down hacked machines would be quicker. Sometimes you might be able to track back to the source where you could pull the ANI or callerid information out of the radius accounting logs and have someone knocking on their door. You only have to do this for 1 in 10 attacks before rumors spread around the hacker community and it stops.
I hate to tell you, but ANI and caller-id can be spoofed too.
*AND* phone calls can be hijacked midstream which has been used to take over dialin terminal connections *AFTER* the password has been given. Not that different in effect from hijacking a TCP/IP session that uses one-time passwords. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com