Joined: Sep 2009
Posts: 164
Member
Put in a LUCA, a few weeks later found out that someone had hacked their way into it, changed passwords, and loaded a program designed to try to break into someone else's system.
Worked with Toshiba to change the passwords to something different, verify that no new users had been added, and removed the subdirectory and new files that had been added.
Just a warning to everyone, change the default password to something strong - the LUCA is a far more interesting platform than the IES's ever were.
Joined: Feb 2007
Posts: 323
Member
Ben, what do you mean "the LUCA is a far more interesting platform than the IES ever were"?
I haven't had a chance to work on one, the last couple installs were done by other techs.
Joined: Jun 2005
Posts: 2,721 Likes: 7
Member
I had a MAS that got hacked a few months ago. I think there was external Remote Desktop access through the firewall and the password was still default. The device that it replaces was a Win 2K ACD system that had no RDP built in.
Default passwords are just a little better than no passwords. It would seem that on the surface the LUCA would be more secure, with its Linux OS and a password that is not just "password". I guess it could still be guessed with a dictionary attack or if someone knew that system.
We have a lot of customers that still have the default passwords on their system. For the most part they do not have exposure to the outside world (except an IES or the ICX that could have dialup access). I do try to add more security when the systems have access to them from outside the firewall.
Did you have the SSH or Web ports forwarded through the firewall? I am just curious how someone could get into that system.
Joined: Sep 2009
Posts: 164
Member
When I said that "the LUCA is a far more interesting platform than the IES", I was referring to the operating system. The IES is DOS-based, and there isn't any practical thing you can do with them, as far as I know. But any Linux system, once 'root' access is gained, will give you a really nice place to hack other systems from. And the knowledge base of hacking with Linux is probably far more extensive than Windows, simply due to more time.
The LUCA was on a Public IP - simply because it's a CIX 40 system that also uses VOIP ... and no VPN tunnels available. Not my favorite configuration, I must admit, putting everything on the 'outside' - but I didn't have a choice. With a 100 or 670, I could use multiple IP cards. I should have been smart enough to change the password...
Keep in mind that the user 'root' has to be changed as well as the user 'toshiba'.
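
The checks mentioned in this thread (passwords changed for both 'root' and 'toshiba', no new users added) can be run as an account audit. This is an added example, not part of any post and not Toshiba's tooling; it assumes the LUCA uses the standard Linux /etc/passwd and /etc/shadow layout, and the sample files, baseline and commissioning date are constructed.

```python
from datetime import date, timedelta

NOLOGIN = ("/sbin/nologin", "/usr/sbin/nologin", "/bin/false")
BASELINE = {"root", "toshiba"}   # accounts expected to log in (names from the thread)
COMMISSIONED = date(2010, 9, 1)  # constructed in-service date

# Constructed sample files; hashes are placeholders, field 3 of shadow is the
# day of the last password change counted from 1970-01-01.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
toshiba:x:500:500::/home/toshiba:/bin/bash
svc:x:0:0::/tmp:/bin/sh
"""
SAMPLE_SHADOW = """\
root:$6$constructed:14900:0:99999:7:::
daemon:*:14000:0:99999:7:::
toshiba:$6$constructed:14000:0:99999:7:::
svc:$6$constructed:14890:0:99999:7:::
"""

def audit_accounts(passwd_text, shadow_text, baseline, commissioned):
    """Flag extra UID 0 accounts, unknown login accounts and stale passwords."""
    changed = {}
    for line in shadow_text.splitlines():
        f = line.split(":")
        if len(f) >= 3 and f[2].isdigit():
            changed[f[0]] = date(1970, 1, 1) + timedelta(days=int(f[2]))
    findings = []
    for line in passwd_text.splitlines():
        f = line.split(":")
        if len(f) != 7:
            continue  # skip malformed lines
        name, uid, shell = f[0], f[2], f[6]
        if uid == "0" and name != "root":
            findings.append(f"{name}: extra UID 0 account")
        if shell in NOLOGIN:
            continue
        if name not in baseline:
            findings.append(f"{name}: login account not in baseline")
        elif changed.get(name, date.min) < commissioned:
            # Assumption: unchanged since commissioning means still the default
            findings.append(f"{name}: password not changed since commissioning")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_accounts(SAMPLE_PASSWD, SAMPLE_SHADOW, BASELINE, COMMISSIONED):
        print(finding)
```

On the constructed data this reports the unexpected 'svc' account twice (UID 0 and not in the baseline) and 'toshiba' as still carrying its pre-commissioning password.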
Joined: Feb 2007
Posts: 323
Member
I see, you mean the Ivp8 not the IES
Joined: Sep 2009
Posts: 164
Member
Wow! I must have had a brain malfunction!!!
Thanks for the correction!
At least, *I* knew what I was saying, even if no-one else could make sense out of it!