On 9/29/10 3:21 PM, Tony Graziano wrote:
I'm not exposing a vulnerability. SIP is vulnerable due to a very
specific "basic" config, scanning for open port 5060. Behind a
firewall or not... I'm simply suggesting that people consider using a
different access code for the default service than *81, which is WHY
it is configurable.
A long time ago, in a land far away...
TPC (The Phone Company, BELL, pre 1983) when installing pbx's for
businesses would forget to tell them they had a DISA line.
This equipment was installed in hotels, hospitals and large businesses.
The default DISA code was easily guessed:
Two modems:
one made robo calls, the other waited for an answer.
first pass through the numbers recorded 'second dial tone' or modem
tones (fax, modem, etc)
second pass through only calls those numbers and started to guess DISA
access code.
If it thought it got it, it dialed modem #2. if it got a connect, we
had a valid DISA line and code.
One company who got a $100K long distance bill refused to pay.
Remember, this was TPC. TPC sold the phone, TPC installed the phone, TPC
maintained the phone and TPC was the long distance company!. (But TPC
pointed out that they handed the client a 700 page manual and on page
425 was documentation on changing the default DISA code from 77777. on,
and the RMATS code was 33333. with RMATS you dialed in with a 300 baud
modem and could program the pbx.. turn back on DISA :-)
My original job as a 'white hat hacker' was in fact in the telco
industry, helping clients secure their pbx's.
And, I agree. use a prepaid account. And for anyone who can't wait for
sipx and wants to take the risk, email me and I'll tell you how to do it
today.
I think however, I would rather see a GoogleVoice, click to call,
'remote office' type application instead.
ie: I dial a number from my cell phone, or click to dial from
outlook/web/FF/IE. system does a call back (to my registered number),
when I answer, it makes the outbound call. my software would have
already authenticated me.
No more dangerous than user extensions for users and having 6 digit
random sip account passwords :-)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
_______________________________________________
sipx-users mailing list
sipx-users@list.sipfoundry.org
List Archive: http://list.sipfoundry.org/archive/sipx-users/
