Back to Contents Page

Callback Security: Multi-Tech MT5634ZBA User's Guide

Introduction • Setup Procedures • Calling Procedures • Callback Security Commands

Introduction

This chapter describes how to use callback security with your modem.

Callback security protects your network from unauthorized access and helps control long distance costs. When callback security is enabled, all callers are requested to enter a password. If a valid password is received, the modem hangs up and returns the call by dialing a phone number that is stored with the password. The person being called back must then enter the password a second time to establish a connection.

Up to 30 callback passwords and dialing strings can be stored in the modem. Each dialing string can be up to 34 or 35 characters long and can contain commands as well as phone numbers. For mobile callers, the dialing string can be programmed to allow the caller to bypass the stored callback number by entering a temporary callback number, to enter an extension at the callback number, or to make a direct connection without callback.

For local security, the passwords and dialing strings that are stored in the modem are protected from tampering by a setup password, which you should change when you set up the modem. You can further protect the modem against tampering by disabling its ability to respond to most AT commands. To check for attempted break-ins, you can request the modem to display the number of failed password attempts.

Setup Procedures

Your modem was shipped with a default setup password (MTSMODEM). The same password is used for both callback security and remote configuration. Because anyone who has access to this manual has access to the default password, you should change the password during your initial setup.

To Change the Setup Password

1. Open a data communication program such as HyperTerminal.
2. In the terminal window, type AT#SMTSMODEM (or AT#Sxxxxxxxx if you have replaced the MTSMODEM password with xxxxxxxx) and press ENTER. The modem responds with OK if the setup password is correct, and ERROR if it is wrong.
3. To change the password, type AT#S=xxxxxxxx, where xxxxxxxx stands for the password, and press ENTER. The password can include any keyboard character, and can be up to eight characters long. The modem responds with OK.
4. The new password is saved automatically. You can now either enter more AT commands or exit the data communications program. The next time you wish to set up the modem you must use the new password.

NOTE: Passwords are case sensitive. The next time you enter the password, it must be in the case that you set it up.

To Turn Callback Security On and Off

Callback security must be turned on to enter many callback security commands.

1. Open a data communication program such as HyperTerminal.
2. In the terminal window, type AT#Sxxxxxxxx, where xxxxxxxx is your password, and press ENTER. The modem responds with OK if the setup password is correct, and ERROR if it is wrong.
3. Type one of the following commands:
   • To turn off callback security, type AT#CBS0 and press ENTER. Callers no longer need a password to connect to the modem, the modem is unable to call them back, and the stored dialing command locations 0–3 become available.
   • To turn on both local and remote callback security, type AT#CBS1 and press ENTER. With local security turned on, you must enter the setup password before you can enter any AT command except the AT, ATIn, and AT#Sxxxxxxxx commands. For a description of remote callback security, see the following paragraph.
   • To turn on remote callback security only, type AT#CBS2 and press ENTER. With remote callback security turned on, each caller is asked to enter a password, is called back, and then is asked to enter the password again before a connection can be made. Also, dialing command locations 0–3, for use with the DS=y dialing command, are replaced by callback dialing command locations 0–29.
   • To temporarily disable callback security if the modem is set to #CBS1 or #CBS2 (for instance, to call another modem), type AT#CBS3 and press ENTER. The modem returns to its original setting when you issue the hangup command (+++ATH) or the modem is reset. Note that if a remote modem breaks the connection, callback security remains disabled.

To Set the Parity of the Callback Security Messages

The parity of the modem's password prompt and messages must match the parity of the computer the modem is connected to.

1. Open a data communication program, such as HyperTerminal.
2. In the terminal window, type AT#Sxxxxxxxx, where xxxxxxxx is your password, and then press ENTER. The modem responds with OK if the setup password is correct, and ERROR if it is wrong.
3. The default parity value for your modem is no parity (AT#CBP0). To change the modem's prompt messages to use even parity, type AT#CBP2 and press ENTER. For odd parity, type AT#CBP1 and press ENTER.
4. To store the new parity value, type AT&W, and press ENTER.

To Assign Callback Passwords and Phone Numbers

1. Open a data communication program, such as HyperTerminal.
2. In the terminal window, type AT#Sxxxxxxxx, where xxxxxxxx is your password, and then press ENTER. The modem responds with OK if the setup password is correct, and ERROR if it is wrong.
3. Enable callback security by typing AT#CBS1 or AT#CBS2 and then pressing ENTER.
4. To store a callback password for the first callback memory location, type AT#CBN0=xxxxxxxx, where xxxxxxxx is the first password, and press ENTER. The password must be unique, must be six to eight characters in length, and must not contain a + or - character.
5. To store a callback password for the second callback memory location, type AT#CBN1=xxxxxxxx, where xxxxxxxx is the second password, and then press ENTER. Note that the memory location number in the command is incremented by one.
6. Repeat as many times as necessary, up to memory location 29, until all passwords have been entered.
7. To store a callback phone number in the first memory location, type AT&Z0=[+][-]ATxxxxxxxx[,???], where xxxxxxxx is the dialing string, and then press ENTER. The phone number must be preceded by DT, for tone dialing, or DP, for pulse dialing. The dialing string can also include other AT commands. Example: AT&Z0=+-ATM0DT5551212. Up to 35 characters can be used. The +, -, and ??? characters are optional:

   +	Number entry. Add if you want a mobile caller to be able to enter his current phone number for callback.
   -	Direct connection. Add if you want a caller to be able to choose to connect directly without being called back.
   ,???	Extension entry. Must be used with the + command. Add if you want a caller to be able to enter an extension number for callback. The number of ? characters should equal the number of digits in the extension.

8. To store a callback phone number in the second memory location, type AT&Z1=[+][-]ATxxxxxxxx[,???], where xxxxxxxx is the dialing string, and press ENTER. Note that the memory location number in the command is incremented by one.
9. Repeat as many times as necessary, through memory location 29, until all dialing strings have been entered.
10. To review your entries, type AT&V and then press ENTER.

Calling Procedures

Use the following procedures to call a modem that has callback security enabled.

NOTE: Auto answer must be enabled on the calling modem (S0=1).

Password-Only Callback

Use this procedure when calling from a fixed location.

1. Using a data communication program, such as HyperTerminal, dial the number of the callback modem.
2. When the connection is established, the callback modem responds with the following message: Password>
3. Type the password corresponding to the phone number for your modem, and then press ENTER. You have three attempts or one minute to enter a valid password.
4. If the password is valid, the following message appears, and the modems disconnect: OK Disconnecting
5. After the delay specified by the #CBDn command, the callback modem calls the number associated with the password. If the callback modem is unable to establish a connection, it tries again, up to the number of attempts specified by the #CBAn command.
6. After the modems reconnect, the following message reappears: Password>
7. Type the same password that you used to initiate the call. You have three attempts to enter the password or be disconnected.
8. If the password is valid, the following message appears and the modems establish a working connection: OK Connecting

Number-Entry Callback

Mobile callers should use this procedure when calling from a phone number different from that stored with the password. The password that is used must be set up for optional number-entry callback.

1. Using a data communication program, such as HyperTerminal, dial the number of the callback modem.
2. When the connection is established, the callback modem responds with the following message: Password>
3. Type a number-entry password, press the plus key (+), type ATDT and the number to call back to, and then press ENTER. You have three attempts or one minute to enter a valid password.

   NOTE: When you type your phone number, be sure to include the long distance and area codes if they are needed.

4. If the password is valid, the following message appears, and the modems disconnect: OK Disconnecting
5. After the delay specified by the #CBDn command, the callback modem calls the number that you entered after the + character. If the callback modem is unable to establish a connection, it tries again, up to the number of attempts specified by the #CBAn command.
6. After the modems reconnect, the following message reappears: Password>
7. Type the same password that you used to initiate the call. You have three attempts to enter the password or be disconnected.
8. If the password is valid, the following message appears and the modems establish a working connection: OK Connecting

Extension-Entry Callback

Use this procedure when calling from an extension at the callback number. The password that you use must be set up for an optional extension-entry callback.

1. Using a data communication program, such as HyperTerminal, dial the number of the callback modem.
2. When the connection is established, the callback modem responds with the following message: Password>
3. Type an extension-entry password, press the plus key (+), type the extension to call back to, and then press ENTER. You have three attempts or one minute to enter a valid password.
4. If the password is valid, the following message appears, and the modems disconnect: OK Disconnecting
5. After the delay specified by the #CBDn command, the callback modem calls the extension that you entered after the + character. If the callback modem is unable to establish a connection, it tries again, up to the number of attempts specified by the #CBAn command.
6. After the modems reconnect, the following message reappears: Password>
7. Type the same password that you used to initiate the call. You have three attempts to enter the password or be disconnected.
8. If the password is valid, the following message appears, and the modems establish a working connection: OK Connecting

Direct Connection

Use this procedure when you want to connect without first being called back. The password that you use must be set up for an optional direct connection.

1. Using a data communication program, such as HyperTerminal, dial the number of the callback modem.
2. When the connection is established, the callback modem responds with the following message: Password>
3. Type a direct connection password, press the - key, and then press ENTER. You have three attempts or one minute to enter a valid password.
4. If the password is valid, the following message appears and the modems establish a working connection: OK Connecting

Callback Security Commands

The following AT commands are used with callback security. Most can be entered only after the setup password has been entered.

#CBAn - Callback Attempts
n = 1–255
Default: 4
Sets the number of callback attempts that are allowed after passwords have been exchanged between modems. This command can be used only after the setup password has been entered and callback security enabled.

#CBDn - Callback Delay
n = 0–255
Default: 15
Sets the length of time (in seconds) that the modem waits before calling back the remote modem. This command can be used only after the setup password has been entered and callback security enabled.

#CBF? - Callback Failed Attempts Display
Requests the number of failed callback passwords since reset or power-up. This number can be stored to nonvolatile memory using the &W command. This command can be used only after the setup password has been entered and callback security enabled.

#CBFR - Callback Failed Attempts Reset
Resets the number of failed callback passwords to 0. This does not reset the number stored in nonvolatile memory. This command can be used only after the setup password has been entered and callback security enabled.

#CBIn - Local Callback Inactivity Timer
n = 1–255
Default: 20
Sets the time (in minutes) that the modem waits for a command before requiring the user to enter the setup password again.This command can be used only after the setup password has been entered and callback security has been enabled for local/remote operation (#CBS1).

#CBNy=x - Store Callback Password
y = 0–29
x = password
Sets the callback security password for the y memory location. The password must have 6 to 10 characters, and cannot include the + or - characters. This command can be used only after the setup password has been entered and callback security enabled.

#CBPn - Callback Parity
Sets parity for the callback security messages. The parity of the messages should match the parity of the computer the modem is attached to. This command can be used only after the setup password has been entered and callback security enabled.

#CBP0	No parity. Default.
#CBP1	Odd parity.
#CBP2	Even parity.

#CBRy - Callback Security Reset
y = 0–29
Clears the password and phone number in the y memory location. This command can be used only after the setup password has been entered and callback security enabled.

#CBSn - Callback Enable/Disable
Enables or disables callback security options. When callback security is enabled, phone number memory locations 0–4, used for quick dialing and DTR dialing, become unavailable and are replaced by callback security memory locations 0–29. The phone number memory locations and their contents are restored when callback security is disabled.

#CBS0	Disables callback security. With this command, the modem connects as if it did not have callback security. This command can be used only after the setup password has been entered. Default.
#CBS1	Enables local and remote callback security. Local callback security requires that the setup password be entered to use the AT command set. The only AT commands that are available without the setup password are AT, ATI, and AT#Sx. For the remote callback security description, see the #CBS2 description. This command can be used only after the setup password has been entered.
#CBS2	Enables remote callback security only. When remote callback security is enabled, the modem waits for a call, challenges the remote modem, calls back the remote modem, and challenges the remote modem again. Local security is disabled, allowing calls to be made from the modem without entering the setup password. This command can be used only after the setup password has been entered.
#CBS3	Temporarily disables callback security if either #CBS1 or #CBS2 is enabled. Callback security remains disabled until the hangup command (+++ATH) is executed locally or the modem is reset. This command can be used only after the setup password has been entered.

#Sx - Enter Setup Password
x = password (1–8 characters, case sensitive)
Default: MTSMODEM
Enters the password used for callback security and remote configuration setup. This command allows the use of all callback security commands.

#S=x - Store Setup Password
x = password (1–8 characters, case sensitive)
Default: MTSMODEM
Stores a new password for callback security and remote configuration setup.

&V - Display Current Settings
Displays the modem's active settings, including the telephone numbers stored in nonvolatile memory and the security settings, if enabled. If the setup password has been entered, the passwords are also displayed.

&Zy=[+][-]x[,???] - Store Dialing Command
y = 0–29 (callback security enabled)
x = dialing command string
Stores dialing command string x in memory location y. The command string must begin with AT, and can have up to 35 characters. The telephone number in the command must be preceded by D, DT, or DP. Example: AT&Z0=+-ATM0D5551212,???. During a call, if the + or - character is not entered after the password, the modem will call back the stored number. This command can be used only after the setup password has been entered and callback security enabled.
Options:

+	Number entry. Enables the caller to enter a new callback number during password entry. The + character must be the first or second character in the command string.
-	Direct connection. Enables the caller to choose a direct connection (no callback) during password entry. The - character must be the first or second character in the command string.
,???	Extension entry. Enables the caller to enter an extension number during password entry. The + character must be the first or second character in the command string. The ? characters must follow a comma at the end of the string, and there must be one for each digit in the extension. If the ? characters are included in the dialing command, it is not possible for the caller to enter a new callback number, only an extension for the programmed callback number.

Back to Contents Page