Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
3bit.com
5876 posts

Uber Geek
+1 received by user: 189

Moderator
Trusted
Subscriber

  Reply # 648538 30-Jun-2012 00:51 Send private message

techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?




819 posts

Ultimate Geek
+1 received by user: 38


  Reply # 648548 30-Jun-2012 01:50 Send private message

nate:
techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?


They have actually been doing it for a while now.

You can see the devices they auto provision from the support pages under equipment installation guide.
You need to log into your account to enable auto-provisioning and specify your device.

http://www.2talk.co.nz/support/

836 posts

Ultimate Geek
+1 received by user: 29


  Reply # 648724 30-Jun-2012 18:02 Send private message

Linksys SPA2102 Setup Guide
Linksys PAP2T Setup Guide
Cisco SPA122 Setup Guide

Just need to logon and select the device and 2talk does the rest.



169 posts

Master Geek
+1 received by user: 7


  Reply # 649390 2-Jul-2012 10:14 Send private message

Thank you everyone, have chosen Compass on this occasion they do not use 2talk and if something goes wrong it is their issue as the whole lot is done in house, they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked to top it off they will rent me some nice looking Snom 821's, will advise of my experience. Thanks you again. 

Voice Engineer @ Orcon
1823 posts

Uber Geek
+1 received by user: 395

Trusted
Orcon
Subscriber

  Reply # 650129 3-Jul-2012 17:03 Send private message

johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!

It can be prevented without private addressing by having appropriate firewall rules, but private address would go some way, yes.  Unless of course you open up a public address anyway, so you can use VoIP phones remotely from the office... 

19506 posts

Uber Geek
+1 received by user: 1338

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 650192 3-Jul-2012 18:39 Send private message

ubergeeknz:
johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!




I'd consider "being hacked" to be a lot more than that. Bots launching SIP URI attacks on a system can cause havoc, even if they're not physically able to route calls via the PBX.

I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.

In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.



Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 650209 3-Jul-2012 19:40 Send private message

sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


19506 posts

Uber Geek
+1 received by user: 1338

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 650213 3-Jul-2012 19:44 Send private message

DonGould:
sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?



No, because NAT offers a form of protection by creating pinholes.

I specifically mentioned hardware that was exposed directly to the internet.


Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 650351 4-Jul-2012 00:36 Send private message

sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


861 posts

Ultimate Geek
+1 received by user: 8

Trusted
Subscriber

  Reply # 650380 4-Jul-2012 06:02 Send private message

DonGould:

This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.


That is like saying anyone can rewire the phone socket in your house, while true, as seen in a lot of other threads, if not done correctly you can loose alot of speed on your connection.

Another example is re wiring a power socket, again easy, but get it wrong and you can kill someone or burn down your house.

A proper deployment model is the difference between having a house on your property and a caravan, both can be lived in, both serve their purpose, but you need to do alot more to make a caravan permanent than just drive it up and plug it in.
Think of the deployment model as being the project manager for a new house build, they have done all the research for you, promise it will be easy and meet building codes.

End of the day, you get a far better experience with a deployed solution than by someone who doesn't understand how it works putting in a device, that doesn't nessesarily meet all codes and protocols, but "still gives you dial tone"




Hmmmm

739 posts

Ultimate Geek
+1 received by user: 87

Subscriber

  Reply # 650390 4-Jul-2012 07:08 Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.


I don't really think your argument makes a great deal of sense. If you are deploying a pc network you still need to configure it properly and deploy security, do maintainence etc. BYOD has very little to do with it, it's about deploying solutions in a robust manner. If you employed a numpty to do your IT deployment and he didn't install anti virus or deploy firewalls you would blame the guy doing the deployment not the tech.

If the people deploying the tech aren't competent then it is their issue not the tech.

Edited for typos

BDFL
49606 posts

Uber Geek
+1 received by user: 4449

Administrator
Trusted
Geekzone
Subscriber

  Reply # 650407 4-Jul-2012 07:45 Send private message

If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.




19506 posts

Uber Geek
+1 received by user: 1338

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 650414 4-Jul-2012 08:02 Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them. 



While this issue has nothing to do with a BYOD scenario, you could argue there are issues in common - security.

Anytime a device is hooked up to the internet you're exposing yourself to the entire internet. A 5yr old kid in Russia could find your IP address, as could a bot running from an EC2 instance in the US. In this day in age nobody in their right mind would leave a PC directly connected to the internet without some form of security, whether it be a software or hardware firewall or security appliance. Hooking up a PC at home to a NAT router at least offers some form of additional protection, even without a SPI forewall.

If you're going to expose port 5060 to the internet you need to be fully aware of the risks of doing so, and for this reason alone I would never recommend anybody configure a port forward to a VoIP device unless they fully understand the risks. I would go as far as saying 99% of people don't understand these risks, because they've never had to drive the ambulance to the car crash at the bottom of the hill.

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.

As for mobile phones being a BYOD device - apart from being able to change your API phones are a very locked down device that don't pose anywhere near the same risks. A person isn't going to be charged 60 minutes for a 1 min call because they didn't configure their mobile phone correctly, however this is a very real reality in the VoIP world with a BYOD scenario if configuration options such as SIP timers aren't configured correctly.

BYOD in the mobile world also isn't a perfect solution. If you buy an XT Galaxy S III for example and use it on Vodafone you'll suffer degraded battery life because fast dormancy is disabled in the XT handset, but supported on the Vodafone network. Likewise buy a VF SGS III and use it on XT and you'll suffer from degraded battery life because XT doesn't support fast dormancy and the handset has this enabled.


807 posts

Ultimate Geek
+1 received by user: 33

Trusted
Subscriber

  Reply # 650434 4-Jul-2012 08:50 Send private message

 

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.




Geez dude, can't you just stop visiting those dodgy voip sites and keep your laptop clean?

Or better yet, get a Mac! they're secure and don't viruses, right....?

Oh wait, that's changed hasnt it....




________
AK

Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 650984 4-Jul-2012 22:26 Send private message

freitasm: If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.


Totally agree, that this my whole argument. 

We really need to get to a point where this technology is plug and play and Cisco should be leading the charge in this space.

I should be able to take a VoIP device from one network to another, and move my numbers with it, as quickly and simply as I can move a domain name and connect my wifi device from one network to another.

I totally agree with everyone who has suggested, stated or hinted that it's not this simple, it should be and we need to work to get it to that point with global standards.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Moment of Truth?
Created by BarTender, last reply by KiwiNZ on 16-Sep-2014 21:22 (216 replies)
Pages... 13 14 15


Mr. Key to extradite Kim Dotcom?
Created by TimA, last reply by dcole13 on 16-Sep-2014 12:38 (110 replies)
Pages... 6 7 8


Spark DNS Issues - Amazing - Broadband Service Alert
Created by PeteS, last reply by Demeter on 15-Sep-2014 14:13 (307 replies)
Pages... 19 20 21


hp bios update
Created by foxy38, last reply by foxy38 on 14-Sep-2014 19:08 (26 replies)
Pages... 2


FS: Server time
Created by deathslocus, last reply by TimA on 16-Sep-2014 21:18 (21 replies)
Pages... 2


Linksys EA6700 $98 at Harvey Horman
Created by macuser, last reply by macuser on 16-Sep-2014 15:18 (18 replies)
Pages... 2


Important changes to your Orcon email service ??
Created by old3eyes, last reply by Jarno on 16-Sep-2014 21:18 (17 replies)
Pages... 2


2014 Holden SS (V8) or Ford XR6-T (in-line 6 turbo)
Created by joker97, last reply by ilovemusic on 16-Sep-2014 14:34 (71 replies)
Pages... 3 4 5



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.