Business Phone Systems Tech Talk Forum - VOIP & Cloud Phone Help

#548633 03/27/13 01:28 PM
Member (OP), Joined: Dec 2011, Posts: 8
I am looking for advice on best practices. I have had 3 Allworx systems hacked, and a number of international calls were made. Some of this is to put my mind at ease, because I am changing a lot of settings in the systems. Examples: the phone admin password gets changed, the admin password gets changed, no access to outside lines in voicemail, phones cannot be created via WAN, a VPN is used for remote management, etc. Two systems were hacked when a customer put a remote Allworx handset outside of a firewall, and one system had a Grandstream gateway hacked that was on the local network (only Allworx handsets are outside). I am trying to come up with a white paper, so I need program items I can change that will work. For instance, has anyone tried to change from the standard SIP port of 5060? Sorry, no suggestions. However, any stories that are shared would be appreciated, since that often shows where the hack comes from. Thank you.


Member, Joined: Apr 2013, Posts: 1
The latest software addresses the issues that allowed the systems to be hacked. It seems like you followed best practices; some of the WORST practices would be allowing administration from the WAN without a VPN first.

What was allowing this to happen is that older software assigned a DEFAULT password to the phones registered with it. As you know from creating SIP accounts for softphones, you need a user ID and a password... all passwords for registered handsets are default. Once you know that, you can pretty much connect with a softphone and a few tricks and make all of the calls you like without knowing the remote (PnP) key or anything.

In short: upgrade to the latest software, and you should not need to take any other special precautions. (Although I agree with the DO NOT ALLOW AUTO CREATE OF WAN HANDSETS... if this is a problem, enable it remotely, let the user connect, and then disable it again. You'll be getting the call anyway, so no big deal, right?)


Member (*****), Joined: Oct 2005, Posts: 51
The systems that we have seen hacked are using the Allworx as the firewall. The hackers are using the user credentials for generic SIP accounts and remote IP phones. If you can, move the Allworx behind a strong firewall. Delete any unused generic SIP accounts. Change the password for all generic SIP devices; use a random password generator. Make sure "NAT traversal assistance" is turned off for all generic SIP phones. Block international calls (011 and 010 prefixes) and calls to dangerous area codes (Barbados, Caribbean, etc.). Disable WAN access to admin, and disable all Creates over WAN. Allworx has released a security announcement; follow it to the letter.
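The two replies above describe the same toll-fraud pattern from both sides: the earlier one explains how default SIP credentials on registered handsets let an attacker register a softphone and dial out, and the later one lists the controls (delete unused generic SIP accounts, random passwords, NAT traversal assistance off, block 011/010 and risky Caribbean area codes). The script below is an added example for this thread, not Allworx's code or any forum member's, that turns that checklist into something you can run against an export of your own accounts and call records. The account and CDR row layouts, the default-password list, and the blocked area code list are assumptions chosen for illustration; substitute your PBX's real defaults and your own dial plan.

```python
"""Toll-fraud hardening checks for a small SIP deployment.

Added example, not Allworx's code. Account and CDR layouts are
constructed for illustration; DEFAULT_PASSWORDS and BLOCKED_AREA_CODES
are assumptions to be replaced with your PBX's defaults and your dial plan.
"""
import re
import secrets
import string
from collections import Counter

# Credentials to treat as "default" (assumption: adjust per vendor).
DEFAULT_PASSWORDS = {"", "1234", "password"}
MIN_PASSWORD_LEN = 16

# International access prefixes named in the thread, plus Caribbean
# NANP area codes commonly abused for toll fraud (illustrative list).
INTERNATIONAL_PREFIXES = ("011", "010")
BLOCKED_AREA_CODES = {
    "246",                # Barbados
    "268",                # Antigua and Barbuda
    "473",                # Grenada
    "809", "829", "849",  # Dominican Republic
    "876",                # Jamaica
}


def classify(dialed: str) -> str:
    """Return 'international', 'blocked_area_code' or 'allowed' for a dialed string."""
    digits = re.sub(r"\D", "", dialed)
    if digits.startswith(INTERNATIONAL_PREFIXES):
        return "international"
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]          # drop the NANP country code
    if len(digits) == 10 and digits[:3] in BLOCKED_AREA_CODES:
        return "blocked_area_code"
    return "allowed"


def audit_sip_accounts(accounts):
    """Flag the account weaknesses the thread describes.

    accounts: list of dicts with keys user, password, nat_traversal, in_use.
    Returns a list of (user, finding) tuples.
    """
    findings = []
    shared = Counter(a["password"] for a in accounts)
    for a in accounts:
        if not a["in_use"]:
            findings.append((a["user"], "unused account: delete it"))
            continue
        pw = a["password"]
        if pw in DEFAULT_PASSWORDS:
            findings.append((a["user"], "default password"))
        elif shared[pw] > 1:
            findings.append((a["user"], "password shared with another account"))
        elif len(pw) < MIN_PASSWORD_LEN:
            findings.append((a["user"], "short password"))
        if a.get("nat_traversal"):
            findings.append((a["user"], "NAT traversal assistance enabled"))
    return findings


def new_sip_password(length: int = 24) -> str:
    """Replacement password from the OS CSPRNG (the 'random password generator' step)."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def audit_cdr(lines):
    """Flag call records to international or blocked destinations.

    Constructed row format: time,extension,dialed,duration_s
    """
    flagged = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        when, ext, dialed, duration = (f.strip() for f in line.split(","))
        reason = classify(dialed)
        if reason != "allowed":
            flagged.append({"time": when, "ext": ext, "dialed": dialed,
                            "reason": reason, "duration_s": int(duration)})
    return flagged


# Constructed sample data (not from any real system).
SAMPLE_ACCOUNTS = [
    {"user": "1001", "password": "1234", "nat_traversal": True, "in_use": True},
    {"user": "1002", "password": "1234", "nat_traversal": False, "in_use": True},
    {"user": "1003", "password": "Hq7vLm2pQz9sXw4r", "nat_traversal": False, "in_use": False},
    {"user": "1004", "password": "correct-horse", "nat_traversal": False, "in_use": True},
]
SAMPLE_CDR = """\
# time,extension,dialed,duration_s
2013-03-26 02:13:41,1001,011441632960123,612
2013-03-26 02:15:05,1001,1-246-867-5309,431
2013-03-26 03:40:00,1002,0102123456789,300
2013-03-26 09:02:17,1004,555-123-4567,45
"""

if __name__ == "__main__":
    for user, finding in audit_sip_accounts(SAMPLE_ACCOUNTS):
        print(f"account {user}: {finding}; suggested new password {new_sip_password()}")
    for row in audit_cdr(SAMPLE_CDR.splitlines()):
        print(f"{row['time']} ext {row['ext']} -> {row['dialed']} ({row['reason']}, {row['duration_s']}s)")
```

Two caveats when adapting it: the area-code check only fires on 10- or 11-digit NANP numbers, so a dial plan that requires a trunk-access digit (a leading 9) needs that digit stripped before calling `classify`, and a blocked-destination list on the PBX is the control; this script only tells you which accounts and which past calls would have been stopped by it.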

Member, Joined: Mar 2010, Posts: 25
We also found out that hackers can get out through the system voicemail.



Sundance Communications is not affiliated with any of the above manufacturers. Sundance Phone System Forums - VOIP & Cloud Phone Help
©Copyright Sundance Communications 1998-2024