Business Partner password 6

[digiteltlc]

I had an ipo500 hacked by foreign intruders.

They have used "Business Partner" account to log in

Now i have disabled all users except Administrator in Security settings,

But , what is the default password for "Business Partner" user ???

I realize that an hacker is a more technical user than me..........

Thank you

 

[jamie77]

Never tried.

Knowing Avaya, I would guess 'BusinessPartner'

I always delete all these so no need to ever know what it is!!

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer

 

[IPGuru]

Bigger question is how did they get connected in the 1st place?

I woudl sugest it is because either :-

1) You have the IP Office connected directy to the internet with a public IP address
2) you have port forwarded all inbound traffic to your ip office

you should NEVER do either of these things
Disconnect you IP Office from the internet untill you can find a competent isntaller to connect things correctly or you will continue to be hacked. 9now the hacker has a copy of your CFG he will almost certainly be able to find other ways to exploit it



Do things on the cheap & it will cost you dear

 

[digiteltlc]

This IPoffice is behind a firewall

ports 50802 50804 50808 50812 are forwarded from internet to IPoffice for maintenance purpose.

Now all users are disabled except Administrator

I cannot find anywhere a referene for that password , in Avaya technical papers neither.....

 

[IPGuru]

ports 50802 50804 50808 50812 are forwarded from internet to IPoffice for maintenance purpose.

Which is why you are wide open for hacking.
Disable this IMMEDIATLY!
if your maintainer asked for this to be configured in this way TERMINATE YOUR MAINTANENCE AGREEMENT IMMIDIATLY AND LOCATE A COMPETENT MAINTAINER

if YOU are the maintainer hang your head in shame.
As the maintainer You should hang your head in shame.
not only have there been may threads relating to securing IP offices & not exposing them to the internet I can see from thread940-1754899 that I warned you that this would happen some time ago.


Do things on the cheap & it will cost you dear

 

[amriddle01]

It's not often a genuine "I told you so" moment pops up, but it's always gratifying when it does...star given

 

[holdmusic34]

Have star, will travel!

The key word for this thread: Seppuku

 

[digiteltlc]

Assuming port forwarding is absolutely to be avoided over internet (what about all those ipo exposed with public IP adress to internet....)

What's the right way you (IpGuru) suggest to maintain a 500km far ipoffice other than a by-car journey ??

P.S. usually the port forwarding is placed after a rule that permit that particular traffic from my own public ip address also

 

[amriddle01]

Dial in, or LogMeIn or similar remote access software to a local PC or even a VPN to site.
If you really must do port forwarding tie it down to only forward from a single IP (yours).
There are many ways to do it, don't worry about all the IPOs on the web, though there are literally thousands...that's their problem

 

[digiteltlc]

yes my edit :

P.S. usually the port forwarding is placed after a rule that permit that particular traffic from my own public ip address also

 

[IPGuru]

Amriddle has given most options, there is also ISDN Data connection.

My prefrences are

1) ISDN Data Dialup
2) VPN (perferably IPSEC but even PPTP is a start)
3) Poetforwarding from secure location only, if this is the option selected then check thoroughly that acess cannot be gained from other loctaions.

Maintaingin a system 500KM away, we ar a national maintanence company & haev engineers accross the country so that s not an issue howeve my advise woudl be to be careful about accepting maintanence os a sysstem you cant phsyicaly access (what happens if they hae a hardware failure?)

As to the number of IP Officeice visible on the internet, this just shows how many incompetent cowboys there are out there. fortunatly as you are asking for advise on keeping things secure I can see that you dont want to be considered one of them.



Do things on the cheap & it will cost you dear

 

[hairlessupportmonkey]

here are a number of cowboys out there:


United States
1,785
United Kingdom
279
Canada
173
Mexico
159
Sweden
112

All IP Offices exposed to the internet.

ACSS - SME
General Geek