One time PIN?

Joined
Dec 14, 2008
Messages
1,120
Points
0
I was wondering about increasing the security of DISA for remote extensions.

Based on the assumption that hackers are monitoring SIP exchanges and recording all DTMF transaction to log credit card number or access code and that a VPN remote extension connection is not always practical (like on my Nokia SIP client), is there an easy way to have a changing/rolling code for the Authenticate function.

I was thinking about the following:

- having a 15 digit/letter pass phrase and let Asterix asking only a few digits randomly(i.e. 'Please enter the 5th,7th,10th and 12th digit' )

- having a base PIN plus a variable part (hour, minutes, date, etc...)

- a list of multiple PIN associated with their own voice request ('please enter password #5' or 'What is the name of your first pet' )...


Patrick
 
Joined
Sep 23, 2008
Messages
488
Points
0
Patrick_elx said:
Based on the assumption that hackers are monitoring SIP exchanges and recording all DTMF transaction to log credit card number or access code and that a VPN remote extension connection is not always practical
What gives you that idea?

Mate, seriously, its easier to hack a PSTN line than a SIP line ;)
 
Joined
Dec 14, 2008
Messages
1,120
Points
0
Chilling_Silence said:
What gives you that idea?

Mate, seriously, its easier to hack a PSTN line than a SIP line ;)
I'm just getting older and climbing on the phone pole is getting tougher on my poor muscle. :S
 

Members online

No members online now.

Forum statistics

Threads
30,992
Messages
131,106
Members
17,716
Latest member
Orbit114
Top