ITBPM S 5.75 Protecting against overloading the fax server

S 5.75 Protecting against overloading the fax server

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrator, fax mail centre

A fax server can become overloaded with either incoming or outgoing fax transmissions. If the fax server is overloaded, this could mean that no further fax transmissions can be received or sent for the time being. It is also possible that overloading of the fax server could cause the operating system or the fax server application to crash so that the fax server is temporarily completely unavailable.

The fax server can be said to be overloaded if all the channels available through the communications cards are blocked with incoming and outgoing fax transmissions. The result is that no more faxes can be received or sent until a channel becomes free again. If all the lines provided by the telecommunications company are busy with incoming and outgoing fax transmissions, this has the same result.

Before purchasing one or more fax servers the likely volume of faxes should be estimated. Components which are capable of handling this volume should then be purchased. Care should also be taken to ensure that sufficient telecommunications lines are available.

The fax server log files should be regularly examined so that if there are certain times when the server is overloaded or is functioning at the limits of its capacity, these can be identified.

Overloading of the fax server can occur if an attempt is made to send out a large number of faxes from within the organisation. Under unfavourable conditions, this could cause the fax server application or the operating system to crash. This could be triggered, for example, by an attempt to send out a large number of serial faxes. During the test or pilot phase, tests should therefore be run so as to determine the loading limits. To avoid exceeding these limits, a maximum size should be imposed on users for serial fax transmissions, e.g. through an appropriate standard operating procedure (SOP). Very large serial fax transmissions should then be split into several smaller transmissions. At times when the fax server is heavily loaded, steps should be taken to ensure that faxes are only sent in urgent cases. This can be achieved either using an appropriate SOP or by appropriate permission settings on the fax server. One possible solution is to stipulate that where possible faxes are only to be sent after working hours, which also has the advantage of lower telephone charges.

If it is established that the fax server is always blocked at certain times by the same originating numbers sending large numbers of faxes, first of all the identity of the originators and the nature of the fax transmissions concerned should be established. If the organisation really needs these faxes, one possibility is to negotiate times with the originators at which they should send their faxes so that they can be received without any problems. If the faxes are not actually needed (e.g. unsolicited advertising material), an attempt can be made to block these originator numbers via the fax server application or else via the private branch exchange. However, this is only possible if the originator identifier (CSID) is not disguised or, where ISDN is used, if the originator does not withhold his call number. If it is not possible to determine the originator's fax number, the only remaining option is to expand the existing capacity, as described above.
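The log review and originator check described above can be sketched as follows. This is an added example, not part of the original safeguard text: the log format (start time, duration in seconds, direction, CSID), the sample entries and the channel count of 2 are constructed assumptions, and the function names are hypothetical.

```python
from collections import Counter, namedtuple
from datetime import datetime, timedelta

Call = namedtuple("Call", "start end direction csid")
# Constructed sample log (hypothetical format): start,duration_s,direction,CSID
SAMPLE_LOG = """\
2000-01-17T09:00:00,600,IN,+49305550100
2000-01-17T09:02:00,300,IN,+49305550100
2000-01-17T09:08:00,240,OUT,
2000-01-17T09:30:00,120,IN,+49895550199
2000-01-17T14:00:00,900,IN,+49305550100
2000-01-17T14:05:00,300,IN,
"""

def parse(log):
    calls = []
    for line in log.splitlines():
        start, secs, direction, csid = line.split(",")
        t0 = datetime.fromisoformat(start)
        calls.append(Call(t0, t0 + timedelta(seconds=int(secs)), direction, csid))
    return calls

def saturated_intervals(calls, channels):
    """Sweep over start/end events; return spans in which every channel is busy."""
    events = sorted([(c.start, 1) for c in calls] + [(c.end, -1) for c in calls])
    busy, since, spans = 0, None, []
    for t, delta in events:  # at equal times a release (-1) sorts before a seizure (+1)
        busy += delta
        if busy >= channels and since is None:
            since = t
        elif busy < channels and since is not None:
            spans.append((since, t))
            since = None
    return spans

def saturated_seconds_by_hour(spans):
    """Seconds without a free channel, keyed by the hour of day the span began."""
    totals = Counter()
    for s, e in spans:
        totals[s.hour] += int((e - s).total_seconds())
    return dict(totals)

def inbound_during(calls, spans):
    """Count inbound calls that overlap a saturated span, per originator CSID."""
    hits = Counter()
    for c in calls:
        if c.direction == "IN" and any(c.start < e and c.end > s for s, e in spans):
            hits[c.csid or "<withheld>"] += 1  # withheld CSIDs cannot be blocked by number
    return hits
```

With the sample entries and two channels, the server has no free channel for 420 seconds in the 09:00 hour and 300 seconds in the 14:00 hour, and one originator accounts for three of the four inbound calls in those periods.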

Another potential problem with a fax server is hard disk capacity. The danger that an adversary will deliberately exhaust the hard disk capacity through an attack is slim. A single faxed DIN A4 page occupies around 70 KB. Given that most hard disks today hold several gigabytes, when one considers the telephone charges that would be incurred, an attack of this kind is improbable. Generally, all incoming and outgoing fax transmissions are stored either permanently or temporarily on the hard disk of the fax server. What happens then depends on the fax server application and possibly on the configuration as well. One possibility is that all fax transmissions are permanently stored or archived on the hard disk of the fax server. When this mode of operation is employed, depending on the volume of faxes, it is possible for the hard disk capacity to quickly become exhausted. In this case steps should be taken to ensure that outgoing fax transmissions and incoming faxes which have already been read are archived as soon as possible on external data media and deleted from the fax server. To achieve this result, the amount of memory placed at the disposal of users on the fax server should be limited. In addition, an SOP should be issued to the effect that fax transmissions which are no longer required are to be deleted. This applies especially to unsolicited advertising material received. Regular checks of the amount of free storage space on the fax server's hard disk should be performed by the fax mail centre.
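One way the fax mail centre's regular storage check could be automated is sketched below. This is an added example, not part of the original safeguard text: the inventory record layout, the sample entries, the quota expressed in pages and the function names are assumptions. Only the 70 KB per page figure and the archiving rule are taken from the paragraph above.

```python
from collections import defaultdict, namedtuple

PAGE_BYTES = 70 * 1024  # the text's figure: around 70 KB per faxed DIN A4 page

# Hypothetical inventory record for one fax stored on the server
Fax = namedtuple("Fax", "fax_id user direction pages read")

# Constructed sample inventory
SPOOL = [
    Fax(1, "alice", "OUT", 12, False),
    Fax(2, "alice", "IN", 40, True),
    Fax(3, "alice", "IN", 5, False),
    Fax(4, "bob", "IN", 30, False),
    Fax(5, "bob", "IN", 25, False),
]

def archivable(fax):
    """Rule from the text: outgoing faxes and incoming faxes already read."""
    return fax.direction == "OUT" or fax.read

def spool_report(spool, quota_pages, disk_free_bytes, min_free_pages):
    """Report what to archive, who exceeds the quota, and the free space in pages.

    disk_free_bytes would come from shutil.disk_usage(path).free on the server;
    it is passed in here so that the example is deterministic.
    """
    before, after = defaultdict(int), defaultdict(int)
    to_archive, freed_pages = [], 0
    for fax in spool:
        before[fax.user] += fax.pages
        if archivable(fax):
            to_archive.append(fax.fax_id)
            freed_pages += fax.pages
        else:
            after[fax.user] += fax.pages
    free_pages = disk_free_bytes // PAGE_BYTES + freed_pages
    return {
        "archive": to_archive,
        "over_quota": sorted(u for u, p in before.items() if p > quota_pages),
        # users still over quota once archiving is done must delete faxes themselves
        "over_quota_after_archiving": sorted(u for u, p in after.items() if p > quota_pages),
        "free_pages_after_archiving": free_pages,
        "low_space": free_pages < min_free_pages,
    }
```

In the sample, archiving brings one user back under a 50-page quota, while the other holds only unread incoming faxes and stays over it.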

Additional controls:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik
Last update: January 2000