Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsVoIPNz Voip (SIP)
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
6353 posts

Uber Geek
+1 received by user: 403

Moderator
Trusted
Lifetime subscriber

  # 648538 30-Jun-2012 00:51
Send private message

techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?

1012 posts

Uber Geek
+1 received by user: 98


  # 648548 30-Jun-2012 01:50
Send private message

nate:
techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?


They have actually been doing it for a while now.

You can see the devices they auto provision from the support pages under equipment installation guide.
You need to log into your account to enable auto-provisioning and specify your device.

http://www.2talk.co.nz/support/

 
 
 
 


1054 posts

Uber Geek
+1 received by user: 71


  # 648724 30-Jun-2012 18:02
Send private message

Linksys SPA2102 Setup Guide
Linksys PAP2T Setup Guide
Cisco SPA122 Setup Guide

Just need to logon and select the device and 2talk does the rest.



402 posts

Ultimate Geek
+1 received by user: 29


  # 649390 2-Jul-2012 10:14
Send private message

Thank you everyone, have chosen Compass on this occasion they do not use 2talk and if something goes wrong it is their issue as the whole lot is done in house, they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked to top it off they will rent me some nice looking Snom 821's, will advise of my experience. Thanks you again. 

3344 posts

Uber Geek
+1 received by user: 1089

Trusted
Vocus

  # 650129 3-Jul-2012 17:03
Send private message

johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!

It can be prevented without private addressing by having appropriate firewall rules, but private address would go some way, yes.  Unless of course you open up a public address anyway, so you can use VoIP phones remotely from the office... 

27966 posts

Uber Geek
+1 received by user: 7456

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 650192 3-Jul-2012 18:39
Send private message

ubergeeknz:
johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!




I'd consider "being hacked" to be a lot more than that. Bots launching SIP URI attacks on a system can cause havoc, even if they're not physically able to route calls via the PBX.

I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.

In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.



3889 posts

Uber Geek
+1 received by user: 164


  # 650209 3-Jul-2012 19:40
Send private message

sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

 
 
 
 


27966 posts

Uber Geek
+1 received by user: 7456

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 650213 3-Jul-2012 19:44
Send private message

DonGould:
sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?



No, because NAT offers a form of protection by creating pinholes.

I specifically mentioned hardware that was exposed directly to the internet.


3889 posts

Uber Geek
+1 received by user: 164


  # 650351 4-Jul-2012 00:36
Send private message

sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

cisconz
1212 posts

Uber Geek
+1 received by user: 97

Trusted
Lifetime subscriber

  # 650380 4-Jul-2012 06:02
Send private message

DonGould:

This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.


That is like saying anyone can rewire the phone socket in your house, while true, as seen in a lot of other threads, if not done correctly you can loose alot of speed on your connection.

Another example is re wiring a power socket, again easy, but get it wrong and you can kill someone or burn down your house.

A proper deployment model is the difference between having a house on your property and a caravan, both can be lived in, both serve their purpose, but you need to do alot more to make a caravan permanent than just drive it up and plug it in.
Think of the deployment model as being the project manager for a new house build, they have done all the research for you, promise it will be easy and meet building codes.

End of the day, you get a far better experience with a deployed solution than by someone who doesn't understand how it works putting in a device, that doesn't nessesarily meet all codes and protocols, but "still gives you dial tone"




Hmmmm

2231 posts

Uber Geek
+1 received by user: 981

Trusted
Subscriber

  # 650390 4-Jul-2012 07:08
Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.


I don't really think your argument makes a great deal of sense. If you are deploying a pc network you still need to configure it properly and deploy security, do maintainence etc. BYOD has very little to do with it, it's about deploying solutions in a robust manner. If you employed a numpty to do your IT deployment and he didn't install anti virus or deploy firewalls you would blame the guy doing the deployment not the tech.

If the people deploying the tech aren't competent then it is their issue not the tech.

Edited for typos

BDFL - Memuneh
63826 posts

Uber Geek
+1 received by user: 14282

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 650407 4-Jul-2012 07:45
Send private message

If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.




Sharesies investment funds | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff) | Honeyminer (1000 Satoshi signup bonus)

 

My technology disclosure | Digital Transformation | Enterprise Content Management | Customer Relationship Management | Data Insights, Business Intelligence and Advanced Analytics 

27966 posts

Uber Geek
+1 received by user: 7456

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 650414 4-Jul-2012 08:02
Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them. 



While this issue has nothing to do with a BYOD scenario, you could argue there are issues in common - security.

Anytime a device is hooked up to the internet you're exposing yourself to the entire internet. A 5yr old kid in Russia could find your IP address, as could a bot running from an EC2 instance in the US. In this day in age nobody in their right mind would leave a PC directly connected to the internet without some form of security, whether it be a software or hardware firewall or security appliance. Hooking up a PC at home to a NAT router at least offers some form of additional protection, even without a SPI forewall.

If you're going to expose port 5060 to the internet you need to be fully aware of the risks of doing so, and for this reason alone I would never recommend anybody configure a port forward to a VoIP device unless they fully understand the risks. I would go as far as saying 99% of people don't understand these risks, because they've never had to drive the ambulance to the car crash at the bottom of the hill.

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.

As for mobile phones being a BYOD device - apart from being able to change your API phones are a very locked down device that don't pose anywhere near the same risks. A person isn't going to be charged 60 minutes for a 1 min call because they didn't configure their mobile phone correctly, however this is a very real reality in the VoIP world with a BYOD scenario if configuration options such as SIP timers aren't configured correctly.

BYOD in the mobile world also isn't a perfect solution. If you buy an XT Galaxy S III for example and use it on Vodafone you'll suffer degraded battery life because fast dormancy is disabled in the XT handset, but supported on the Vodafone network. Likewise buy a VF SGS III and use it on XT and you'll suffer from degraded battery life because XT doesn't support fast dormancy and the handset has this enabled.


1906 posts

Uber Geek
+1 received by user: 458

Trusted
Subscriber

  # 650434 4-Jul-2012 08:50
Send private message

 

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.




Geez dude, can't you just stop visiting those dodgy voip sites and keep your laptop clean?

Or better yet, get a Mac! they're secure and don't viruses, right....?

Oh wait, that's changed hasnt it....




________

 

Antonios K

 

Click to see full size

3889 posts

Uber Geek
+1 received by user: 164


  # 650984 4-Jul-2012 22:26
Send private message

freitasm: If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.


Totally agree, that this my whole argument. 

We really need to get to a point where this technology is plug and play and Cisco should be leading the charge in this space.

I should be able to take a VoIP device from one network to another, and move my numbers with it, as quickly and simply as I can move a domain name and connect my wifi device from one network to another.

I totally agree with everyone who has suggested, stated or hinted that it's not this simple, it should be and we need to work to get it to that point with global standards.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New Zealand government unveils new digital service to make business easier
Posted 16-Jul-2019 17:35

Scientists unveil image of quantum entanglement
Posted 13-Jul-2019 06:00

Hackers to be challenged at University of Waikato
Posted 12-Jul-2019 21:34

OPPO Reno Z now available in New Zealand
Posted 12-Jul-2019 21:28

Sony introduces WF-1000XM3 wireless headphones with noise cancellation
Posted 8-Jul-2019 16:56

Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20

New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09

ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05

New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35

Air New Zealand uses drones to inspect aircraft
Posted 17-Jun-2019 15:39

TCL Electronics launches its first-ever 8K TV
Posted 17-Jun-2019 15:18

E-scooter share scheme launches in Wellington
Posted 17-Jun-2019 12:34

Anyone can broadcast with Kordia Pop Up TV
Posted 13-Jun-2019 10:51

Volvo and Uber present production vehicle ready for self-driving
Posted 13-Jun-2019 10:47

100,000 customers connected to fibre broadband network through Enable
Posted 13-Jun-2019 10:35


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.