VOIP Horror stories 2

[pecossunset]

recently I've been reading some pretty scary reports about VOIP phone systems and security breaches. I have also taken a number of the systems of line because of customer dissatisfaction. I've also heard that the FCC is considering regulating VOIP. Has anyone had these similar experiences.

 

[Sympology]

Nope.....
Glad to get rid of my ISDN's, many have been a right PITA.

Robert Wilensky:
We've all heard that a million monkeys banging on a million typewriters will eventually reproduce the entire works of Shakespeare. Now, thanks to the Internet, we know this is not true.

http://alvechurchlounge.org.uk

 

[trvlr1]

Your VoIP phones will be as good and secure as your network is. If it has issues, so will your VoIP system. However, if you have a strong, secure and stable Network, you will not have any issues with the phones. And this is from someone who wanted nothing to do with VoIP 10 years ago, dyed in the wool Nortel PBX at that time......

 

[Westi]

I have to agree with trvlr1, I also wanted to get rid of VoIP the moment it became popular as I started in 1984 when phone systems were making noise when picking up the receiver. In the mean time I see the advantages of VoIP systems and phones and the security is very simple (inside a network use VLAN's and restrict the routing between them) and a bit more involved when you are going on SIP trunks but it is manageable and a good installer will know how to secure a system to the best of the equipments ability.
There are also companies out there that can do a security audit after the installation if you feel that you want to have a second opinion.
One major thing is that you do not want to have your system with its interface on the open Internet, use a good firewall for it.



Joe W.

TeleTechs.ca
FHandw, ACSS (SME), ACIS (SME)


“This is the end of the world, make sure to buy your T-shirt before it is too late"
Original expression of my daughter

 

[pecossunset]

I certainly understand that. I myself am a very meticulous installer when it comes to wire management and customer care. Most of my new system warranties are five years. The trouble that I'm running into is having to deal with sloppy IT Techs that have no concern for their customers security. Either they want to handle everything including the telephones or they feel its interference have the telephone technician be involved in anything with IT. What has your experience been with this situation.

Also the additional cost to the customer seems to be another issue they don't want to pay for secure networks.

 

[trvlr1]

In this day and age I find it hard to understand anyone who does not want a strong firewall/secure system, it defies logic! We have a "split" shop, voice group and data group, it took some time to make the Network group understand their involvement in the process was essential and that it would not work if they put no effort in to it. They are in to it now though and after a few teething/learning issues, we have a very smooth running VoIP system now, with few issues.

 

[Westi]

I came on board with this company as phone guy into a purely IT organization and they are absolutely paranoid with security and I had to ask a few times to make exceptions from their strict rules to make phone stuff work.
Opening ports in the firewall (for remote users) made them cringe and we had to discuss a lot of the pros and cons before it was approved. Usually VPN's are the way to go for that with a Watchguard on either side keeping the peace.


Joe W.

TeleTechs.ca
FHandw, ACSS (SME), ACIS (SME)


“This is the end of the world, make sure to buy your T-shirt before it is too late"
Original expression of my daughter

 

[GordonKapesMZ4]

Horror Story. A client asking for running SIP trunks on a PBX using a residential grade satellite internet. Worst service and latency ever.

"Keep the Peace, Use RLS"

http://www.joetheucxguy.com

 

[pecossunset]

In the real world, or at least in this town, clients want the cheapest they can get. I have seen some real horror stories when it comes to just the communications closet. Hanging wires of all types. Messy wire management from the IT geeks. Almost every new client I have has wires under the desk, routers and multiple switches all over the place. Seems like every one and their cousin is an "IT" expert. They run out to Best Buy or Frys and now they can manage a data network. Because the owner does not want to pay for good quality IT service and support they settle for someone in house or a friend of the family. One large church with a large school actually took a guy right out of Devry. They have a fiber backbone and multiple Nortel fiber links all over the campus. they wanted to save money.

Most communications closets are out of site and out of mind. Over heated from to much server technology and unkept wiring. This is from the very small mom and pop to the large multi million dollar company. I see this as the norm and not the exception that is why I am just not sold on security with VOIP. It is the IT side that is sloppy and for the most part IT geeks just don't care enough to educate their customers on how dangerous a lack of security can be.

 

[Sympology]

At the end of the day, bay FAR the easiest line to hack is an Analogue one, and trust me, a SIPS / SRTP system is much harder to "hack" than an ISDN.
Huge amount of Toll fraud is still from legacy systems....how many Meridian's still have 0000 as the admin password?

Robert Wilensky:
We've all heard that a million monkeys banging on a million typewriters will eventually reproduce the entire works of Shakespeare. Now, thanks to the Internet, we know this is not true.

http://alvechurchlounge.org.uk

 

[Sympology]

Adding to the benefits, we have agents sitting in 3 different countries, all sat in the same ACD queues, all working together as if the same office.
VoIP is FAR superior (if done correctly) than any legacy tech out there.

Robert Wilensky:
We've all heard that a million monkeys banging on a million typewriters will eventually reproduce the entire works of Shakespeare. Now, thanks to the Internet, we know this is not true.

http://alvechurchlounge.org.uk

 

[pecossunset]

Well ok but I have found a lot of videos even on YouTube how to hack int VOIP system and Cisco handsets and there is a lot of information to do the same on Google. Nothing is like the old days when most of this technical information was only available between the equipment supplier, vendor, local telco and maybe the client. The FCC has a report out about VOIP's lack of security and 911 reliability and are going to consider regulating telephone service via the internet. The tax revenue that has been taken away from the local telcos and states is a huge incentive to start regulating traffic via the internet. The money issue is what I see is going to bring regulation to VOIP. The local telcos are going to be back in control of all of this at some time in the near future. They have to much power and are loosing to much money.

 

[Sympology]

OK let's clarify a few things, this is where a lot of these scare stories come from.
1. Anything over the internet has no QoS, be it voice, video, chat, whatever, even over a VPN. As soon as it's out of your own network, it's out of your control.
2. SIP / RTP is EASY to listen in on calls, so long as you have either PHYSICAL access to the phone or sever, BEFORE it hit's the switch, or if it leaves a trunk port, or have access to port mirror on the switch or have access to the phone system. in this case, it's pretty much the same as an analogue line. HOWEVER if running SIPS + SRTP, it is massively more difficult to listen in on calls than a traditional PSTN. So this is simple case of it's as secure as you make it. Lock your cab's, keep admins to a minimal and make sure you audit regualry, no different a traditional system. 911 is a good point, due to the fact a phone can be in one location and break out in another. LLDP-MED + carrier policies can sort this out, by sending the correct details. HOWEVER IP phones are powered, so unless on a UPS, forget it.

To sum up, you can make a IP based phone system better in pretty much every way than a traditional PBX, but if you start cutting corners and use the race to the bottom mentality, then it WILL bite you in the ass.

Big phone systems are NOTHING like they used to be, they are now communication platforms, email, chat, IM, Video, social media, now all run through the "PBX" and this will trickle down. The trick for the old guys is to stand their ground, but accept the new world order. There will be standard pbx's for a long time, but they are a dying breed.

Robert Wilensky:
We've all heard that a million monkeys banging on a million typewriters will eventually reproduce the entire works of Shakespeare. Now, thanks to the Internet, we know this is not true.

http://alvechurchlounge.org.uk

 

[mattKnight]

Once again Sympology nails it.
but especially this

but if you start cutting corners and use the race to the bottom mentality, then it WILL bite you in the ass.

VoIP (Voice over Internet Protocol) offers many advantages; flexibility, integration, resilience etc. However most people want to implement VoI (Voice over Internet) and get predictably poor results (eg call goes all daleky, but it can't be my internet connection). Put simply, You get what you pay for.

Take Care

Matt
I have always wished that my computer would be as easy to use as my telephone.
My wish has come true. I no longer know how to use my telephone.

 

[phoneguy610]

this is lvnortel ladies and gentlemen

ddcommllc.com
syntelsolutions.com
Avaya/Toshiba/SyntelSolutions

ACIS

"Will work for stars

 

[phoneguy610]

seriously again?

ddcommllc.com
syntelsolutions.com
Avaya/Toshiba/SyntelSolutions

ACIS

"Will work for stars

 

[Johnthephoneguy]

Nothing wrong with VOIP. If the Data guys cant maintain their network security thats their issue.

I work on a Govt VOIP network that has 0 security issues. It can be done. They just need smarter Data guys if they cant figure it out.

JohnThePhoneGuy

"If I can't fix it, it's not broke!

 

[montyzummer]

Dear Mr Nortel if this is indeed you i love my panasonic A series and will never install / push another product , cat 5 is rubbish ,patch panels stink and VOIP will never catch on

APSS (SME)
ACSS (SME)
ACIS (UC)

 

[tball1]

Most govt sites use two networks so the voip network is not directly connected to the outside world

 

[kwbMitel]

Well ok but I have found a lot of videos even on YouTube how to hack int VOIP system and Cisco handsets and there is a lot of information to do the same on Google. Nothing is like the old days when most of this technical information was only available between the equipment supplier, vendor, local telco and maybe the client.

If you are only looking for VOIP hacks then all you will find is VOIP hacks.

Nothing in my experience has been hacked more often or documented on the internet longer than the good ol' Nortel Norstar.

The primary target for hackers is the voicemail. They get in using default passcodes and modify mailboxes to transfer externally. This is not unique to VOIP, in fact, most VOIP systems today require that these passcodes be changed from default. The weakest link is users that refuse to use reasonably secure passcodes for their mailboxes. Secondary to this is incompetent installers that forget to restrict VM ports.

As some of the later responses in this thread might suggest, this sounds suspiciously like a troll.

**********************************************
What's most important is that you realise ... There is no spoon.