Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 3 | 4 | 5 | 6 | 7 | 8 | 9
nate
6473 posts

Uber Geek

Retired Mod
Trusted
Lifetime subscriber

  #648538 30-Jun-2012 00:51
Send private message

techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?



farcus
1544 posts

Uber Geek


  #648548 30-Jun-2012 01:50
Send private message

nate:
techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?


They have actually been doing it for a while now.

You can see the devices they auto provision from the support pages under equipment installation guide.
You need to log into your account to enable auto-provisioning and specify your device.

http://www.2talk.co.nz/support/

Lurch
1061 posts

Uber Geek


  #648724 30-Jun-2012 18:02
Send private message

Linksys SPA2102 Setup Guide
Linksys PAP2T Setup Guide
Cisco SPA122 Setup Guide

Just need to logon and select the device and 2talk does the rest.



johny99

495 posts

Ultimate Geek
Inactive user


  #649390 2-Jul-2012 10:14
Send private message

Thank you everyone, have chosen Compass on this occasion they do not use 2talk and if something goes wrong it is their issue as the whole lot is done in house, they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked to top it off they will rent me some nice looking Snom 821's, will advise of my experience. Thanks you again. 

ubergeeknz
3344 posts

Uber Geek

Trusted
Vocus

  #650129 3-Jul-2012 17:03
Send private message

johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!

It can be prevented without private addressing by having appropriate firewall rules, but private address would go some way, yes.  Unless of course you open up a public address anyway, so you can use VoIP phones remotely from the office... 

sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #650192 3-Jul-2012 18:39
Send private message

ubergeeknz:
johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!




I'd consider "being hacked" to be a lot more than that. Bots launching SIP URI attacks on a system can cause havoc, even if they're not physically able to route calls via the PBX.

I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.

In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.



DonGould
3892 posts

Uber Geek


  #650209 3-Jul-2012 19:40
Send private message

sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


 
 
 
 

Shop now on Samsung phones, tablets, TVs and more (affiliate link).
sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #650213 3-Jul-2012 19:44
Send private message

DonGould:
sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?



No, because NAT offers a form of protection by creating pinholes.

I specifically mentioned hardware that was exposed directly to the internet.


DonGould
3892 posts

Uber Geek


  #650351 4-Jul-2012 00:36
Send private message

sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


cisconz
cisconz
1339 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #650380 4-Jul-2012 06:02
Send private message

DonGould:

This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.


That is like saying anyone can rewire the phone socket in your house, while true, as seen in a lot of other threads, if not done correctly you can loose alot of speed on your connection.

Another example is re wiring a power socket, again easy, but get it wrong and you can kill someone or burn down your house.

A proper deployment model is the difference between having a house on your property and a caravan, both can be lived in, both serve their purpose, but you need to do alot more to make a caravan permanent than just drive it up and plug it in.
Think of the deployment model as being the project manager for a new house build, they have done all the research for you, promise it will be easy and meet building codes.

End of the day, you get a far better experience with a deployed solution than by someone who doesn't understand how it works putting in a device, that doesn't nessesarily meet all codes and protocols, but "still gives you dial tone"




Hmmmm


Handle9
11262 posts

Uber Geek

Trusted
Lifetime subscriber

  #650390 4-Jul-2012 07:08
Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.


I don't really think your argument makes a great deal of sense. If you are deploying a pc network you still need to configure it properly and deploy security, do maintainence etc. BYOD has very little to do with it, it's about deploying solutions in a robust manner. If you employed a numpty to do your IT deployment and he didn't install anti virus or deploy firewalls you would blame the guy doing the deployment not the tech.

If the people deploying the tech aren't competent then it is their issue not the tech.

Edited for typos

freitasm
BDFL - Memuneh
79140 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #650407 4-Jul-2012 07:45
Send private message

If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.




Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #650414 4-Jul-2012 08:02
Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them. 



While this issue has nothing to do with a BYOD scenario, you could argue there are issues in common - security.

Anytime a device is hooked up to the internet you're exposing yourself to the entire internet. A 5yr old kid in Russia could find your IP address, as could a bot running from an EC2 instance in the US. In this day in age nobody in their right mind would leave a PC directly connected to the internet without some form of security, whether it be a software or hardware firewall or security appliance. Hooking up a PC at home to a NAT router at least offers some form of additional protection, even without a SPI forewall.

If you're going to expose port 5060 to the internet you need to be fully aware of the risks of doing so, and for this reason alone I would never recommend anybody configure a port forward to a VoIP device unless they fully understand the risks. I would go as far as saying 99% of people don't understand these risks, because they've never had to drive the ambulance to the car crash at the bottom of the hill.

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.

As for mobile phones being a BYOD device - apart from being able to change your API phones are a very locked down device that don't pose anywhere near the same risks. A person isn't going to be charged 60 minutes for a 1 min call because they didn't configure their mobile phone correctly, however this is a very real reality in the VoIP world with a BYOD scenario if configuration options such as SIP timers aren't configured correctly.

BYOD in the mobile world also isn't a perfect solution. If you buy an XT Galaxy S III for example and use it on Vodafone you'll suffer degraded battery life because fast dormancy is disabled in the XT handset, but supported on the Vodafone network. Likewise buy a VF SGS III and use it on XT and you'll suffer from degraded battery life because XT doesn't support fast dormancy and the handset has this enabled.


antoniosk
2358 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #650434 4-Jul-2012 08:50
Send private message

 

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.




Geez dude, can't you just stop visiting those dodgy voip sites and keep your laptop clean?

Or better yet, get a Mac! they're secure and don't viruses, right....?

Oh wait, that's changed hasnt it....




________

 

Antoniosk


DonGould
3892 posts

Uber Geek


  #650984 4-Jul-2012 22:26
Send private message

freitasm: If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.


Totally agree, that this my whole argument. 

We really need to get to a point where this technology is plug and play and Cisco should be leading the charge in this space.

I should be able to take a VoIP device from one network to another, and move my numbers with it, as quickly and simply as I can move a domain name and connect my wifi device from one network to another.

I totally agree with everyone who has suggested, stated or hinted that it's not this simple, it should be and we need to work to get it to that point with global standards.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


1 | ... | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Māori Artists Launch Design Collection with Cricut ahead of Matariki Day
Posted 15-Jun-2025 11:19


LG Launches Upgraded webOS Hub With Advanced AI
Posted 15-Jun-2025 11:13


One NZ Satellite IoT goes live for customers
Posted 15-Jun-2025 11:10


Bolt Launches in New Zealand
Posted 11-Jun-2025 00:00


Suunto Run Review
Posted 10-Jun-2025 10:44


Freeview Satellite TV Brings HD Viewing to More New Zealanders
Posted 5-Jun-2025 11:50


HP OmniBook Ultra Flip 14-inch Review
Posted 3-Jun-2025 14:40


Flip Phones Are Back as HMD Reimagines an Iconic Style
Posted 30-May-2025 17:06


Hundreds of School Students Receive Laptops Through Spark Partnership With Quadrent's Green Lease
Posted 30-May-2025 16:57


AI Report Reveals Trust Is Key to Unlocking Its Potential in Aotearoa
Posted 30-May-2025 16:55


Galaxy Tab S10 FE Series Brings Intelligent Experiences to the Forefront with Premium, Versatile Design
Posted 30-May-2025 16:14


New OPPO Watch X2 Launches in New Zealand
Posted 29-May-2025 16:08


Synology Premiers a New Lineup of Advanced Data Management Solutions
Posted 29-May-2025 16:04


Dyson Launches Its Slimmest Vaccum Cleaner PencilVac
Posted 29-May-2025 15:50


OPPO Reno13 Pro 5G Review
Posted 29-May-2025 15:33









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.