From Remote Access Server STIG
Part of SRC-RAS-070 Caller ID logs
Associated with IA controls: ECSC-1
Ubiquitous phone lines open major security holes in a network. The more tightly they can be controlled, the less the exposure to vulnerabilities. Allowing special features to remain active on modem phone lines create advantageous situations for malicious attacks. An attacker may use special features to forward modem or voice calls to destinations that cause toll-fraud, or forward the number to itself causing a denial of service. ANI logs are ideal for auditing unauthorized accesses and toll-fraud.
Interview the IAO and ask to see a copy of the logs.
Maintain and review call logs. Audit records should be stored for a period of 1 year.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer