StreamlineNet
Vendor
I am tired of these hackers...
I have locked the doors, and getting ready to throw away the keys..
Every customer will be getting a VPN tunnel for management, I guess I am paying money for this now. So in retaliation I have created a honeypot program. When the user attempts to connect to the IP Office (so they think):
1) I am logging all actions (running now and capturing their user information, or the device it is coming from)
a) Going to make a database of these A**Wipes so at the very least we block the addresses
b) Should this go public?
2) I have a small package in the cfg file to corrupt their manager
a) currently working on test lab, is hit and miss about working; versioning is an issue right now
b) all passwords will be default.
3) I want to implant a small package to implement remote control of their system, it will be a Java package on a false web manager.
a) I plan to implement a geo tracker in this program as well; proxy device installed with a Java service.
b) maybe reporting it's own computer to local authorities as cyber crimes. How hard will it be to screen record for them?
My big question.... Is this legal? I will disclaimer the site as making it illegal to hack and they could face financial and legal consequences.
All in all... Partners, if you agree, copy and paste this below passage and send it to your Channel reps, distributors, trainers, and anyone else who will listen....
Avaya really needs to look at this issue. Maybe have a secure upgrade with 2 forms of authentication before any configuration changes are made. Even as simple as requiring a private self-signed certificate for any access (other than SIP trunking with one button to open and close). Only access available should be by local (private) subnet unless they have the Certificate. And in essence of network security responsibility, this must be a free upgrade for any supporting box. Example IPO500 and IPO 500 V2 free upgrades. Older units will require Hardware upgrades. In your security put an IP packet drop with 5 failed attempts.
I have found 206.221.187.163 to be a gaming server in Chile this is a recent hacker used to connect. Tried to use PC Manager
RaedNahal from Pakistan, MAC address (20-68-9d-6d-86-f5) (tried to use BusinessPartner and Manager) (Internal IP 192.168.15.10 different time 192.168.1.102)
anaa from MAC address (78-E4-00-1A-D0-08 Hon Hai Precision Ind. Co.,Ltd., CHINA) Tried to use Administrator (internal IP 192.168.1.112)