Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Is your IP Office secure? 7

Status
Not open for further replies.
amriddle01

amriddle01

Programmer
Joined
May 2, 2007
Messages
23,938
Location
GB
They are being hacked more and more these days, Avaya have just released another document detailing how to secure them correctly, if your system is potentially accessible by someone who shouldn't touch it...take a look :-)

 
Sort by date Sort by votes
Well, seems not enough people have taken notice of Avaya's previous release which we (Gunnaro) pushed to get published.

I can tell you for a fact there are literally thousands of IP Offices exposed to the internet and hackable in one form or another.

Simply don't just change the ovbious passwords. Also remember someone connecting with Monitor can be a nuisance and also collect a fair amount of useful information about users, the company, numbers, network information as so on.

If you truly need to expose the IPO to the internet, only open the ports you need. Tie your policies to the maintainers IP address. Only open port 5060 for SIP and again, tie the policies to the ITSP's IP address(es). Get a good firewall!!!

If you need help and advice please post here and one of us with experience can advise and also come in as a local BP and help.

Its important, because there are reputations at stake, as well as large bills for illicit calls, and also implications of companies being investigated as part of counter terrorism operations, especially if your system is complicit in the communications for terrorists.



ACSS - SME
General Geek

 
Upvote 0 Downvote
So read the tech bulletin that Andy has posted. Not all of it will apply, but learn to secure your IP Office.

ACSS - SME
General Geek

 
Upvote 0 Downvote
...or tell your customers that they need to go back to ISDN & digital phones..
 
Upvote 0 Downvote
Thanks for the credit, HSM! [smile]

I was shocked finding so many unsafe systems out there, and to my surprise the amount is increasing!

It occurs to me that many are willing to sacrifice their security to obtain a service (SIP) or feature (SCN).
In most cases your SIP provider is not responsible for the security on the far side (you), and if you think finding your exposed system is as tricky as that famous needle in the haystack...think again!

So, please test your systems from the outside!
A hacker will exploit any opening your system offers and it will cost you more than 10 times the price of a really good firewall.

If you have no idea on how to configure a firewall and/or VPN service, there are plenty of techs you can buy that service from (some of them are even active members of this forum).
It's the cheapest insurance you'll ever buy!

Kind regards

Gunnar
__________________________________________________________________
Hippos have bad eyesight, but considering their weight, it’s hardly their problem

2cnvimggcac8ua2fg.jpg
 
Upvote 0 Downvote
> ...or tell your customers that they need to go back to ISDN & digital phones..

Better still, just have dozens of analogue lines connected to phones on desks.

Wait, call phreaking has been around for almost as long as PSTN has. So, really that is poor advice.

ACSS - SME
General Geek

 
Upvote 0 Downvote
> ...or tell your customers that they need to go back to ISDN & digital phones..

In fact, we have Alcatel's that get hacked, that aren't connected to the LAN / internet, digital phones and ISDN.

We are having to install Control Phreak from callista to stop the hacking.

ACSS - SME
General Geek

 
Upvote 0 Downvote
Alcatels are a well known and well documented problem. Voicemail security is the issue there. We have a few and replaced a few due to its weakness in this area.

I hate the French crap TBH!!!!!

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
In its simplest form
Do not just rely on the IP Office's accounts & passwords, secure access at the network level.
if in any doubt block ensure that there is no route to the IP Offcie from any extrnal souce either via a direct connection or NAT.

if you require remote users or One-X mobility clients ensure your system is configured by a competent maintainer.

and above all audit your firewall loggs regularly to make sure you have not missed somthing!

A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear
 
Upvote 0 Downvote
...or tell your customers that they need to go back to ISDN & digital phones.."

I bet there's plenty of those sitting out there with default credentials, they're just harder to find. :-)

APSS/ACIS/ACSS-SME
not arrogant, just succinct.
 
Upvote 0 Downvote
Tom

I used to often find sites we took over had default rremoteManager password (even when a seperate account had been created by the previous maintainer) but fortunatly that is becoming much less common.

The local accounts are oten default though which is still at risk from internal hacking or if the customer has other network weaknesses.

A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

newbietechman
  • Locked
  • Question Question
IP Office
Replies
8
Views
992
Westi
Westi
TnPtech
  • Locked
  • Question Question
Avaya IP Office -IP phone issue.
Replies
17
Views
2K
MikeeOK
MikeeOK
Jose C.
  • Question Question
IP Office Authorization Codes use
Replies
3
Views
178
Ekster
Ekster
lleeNC
  • Locked
  • Question Question
Secure and non-secure 46xxsettings.txt
Replies
2
Views
432
lleeNC
lleeNC
bignose21
  • Locked
  • Question Question
Split up IP Office SE
Replies
4
Views
566
finest
finest

Part and Inventory Search

Sponsor

Back
Top