Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsVoIPNz Voip (SIP)
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
I'm @nate
6274 posts

Uber Geek
+1 received by user: 368

Moderator
Trusted
Subscriber

  Reply # 648538 30-Jun-2012 00:51
Send private message

techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?





Custom software development | Mt Eden Cafe | Cafe Owner

946 posts

Ultimate Geek
+1 received by user: 85


  Reply # 648548 30-Jun-2012 01:50
Send private message

nate:
techmeister: 2talk do auto provisioning now too and it works very well.


Really? Was this announced somewhere?


They have actually been doing it for a while now.

You can see the devices they auto provision from the support pages under equipment installation guide.
You need to log into your account to enable auto-provisioning and specify your device.

http://www.2talk.co.nz/support/

 
 
 
 


1054 posts

Uber Geek
+1 received by user: 71


  Reply # 648724 30-Jun-2012 18:02
Send private message

Linksys SPA2102 Setup Guide
Linksys PAP2T Setup Guide
Cisco SPA122 Setup Guide

Just need to logon and select the device and 2talk does the rest.



289 posts

Ultimate Geek
+1 received by user: 18


  Reply # 649390 2-Jul-2012 10:14
Send private message

Thank you everyone, have chosen Compass on this occasion they do not use 2talk and if something goes wrong it is their issue as the whole lot is done in house, they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked to top it off they will rent me some nice looking Snom 821's, will advise of my experience. Thanks you again. 

Fully Operational
3268 posts

Uber Geek
+1 received by user: 1064

Trusted
Vocus
Subscriber

  Reply # 650129 3-Jul-2012 17:03
Send private message

johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!

It can be prevented without private addressing by having appropriate firewall rules, but private address would go some way, yes.  Unless of course you open up a public address anyway, so you can use VoIP phones remotely from the office... 

24994 posts

Uber Geek
+1 received by user: 4880

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 650192 3-Jul-2012 18:39
Send private message

ubergeeknz:
johny99: they also say that it is "privately address" to greatly limiting the risk of been hacked do not know what this means but do not like the sound of been hacked


Being hacked, framed in terms of a VoIP system, generally means someone malicious connects to your PABX, authenticates as a legit station, and starts making international "0900" calls.  Very expensive!




I'd consider "being hacked" to be a lot more than that. Bots launching SIP URI attacks on a system can cause havoc, even if they're not physically able to route calls via the PBX.

I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.

In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.



3854 posts

Uber Geek
+1 received by user: 142


  Reply # 650209 3-Jul-2012 19:40
Send private message

sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

24994 posts

Uber Geek
+1 received by user: 4880

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 650213 3-Jul-2012 19:44
Send private message

DonGould:
sbiddle: In this day in age if you have any SIP device explosed to the internet and port 5060 is wide open and not locked down to specific IP ranges (ie your VoIP provider) I see it as being no different to leaving your house door unlocked.




So what you're saying is that users should block any traffic on port 5060 to any location other than their ITSP's servers even if they're just running a device behind a NAT firewall?



No, because NAT offers a form of protection by creating pinholes.

I specifically mentioned hardware that was exposed directly to the internet.


3854 posts

Uber Geek
+1 received by user: 142


  Reply # 650351 4-Jul-2012 00:36
Send private message

sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

cisconz
1153 posts

Uber Geek
+1 received by user: 76

Trusted
Subscriber

  Reply # 650380 4-Jul-2012 06:02
Send private message

DonGould:

This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.


That is like saying anyone can rewire the phone socket in your house, while true, as seen in a lot of other threads, if not done correctly you can loose alot of speed on your connection.

Another example is re wiring a power socket, again easy, but get it wrong and you can kill someone or burn down your house.

A proper deployment model is the difference between having a house on your property and a caravan, both can be lived in, both serve their purpose, but you need to do alot more to make a caravan permanent than just drive it up and plug it in.
Think of the deployment model as being the project manager for a new house build, they have done all the research for you, promise it will be easy and meet building codes.

End of the day, you get a far better experience with a deployed solution than by someone who doesn't understand how it works putting in a device, that doesn't nessesarily meet all codes and protocols, but "still gives you dial tone"




Hmmmm

1492 posts

Uber Geek
+1 received by user: 435

Subscriber

  Reply # 650390 4-Jul-2012 07:08
Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them.

It's also really important to me to have systems that follow good robust internationally accepted standards.

Geoff Huston spoke on ABC about this a few years ago.  He made two comments, one about compatibility and the other about security, and both very much apply in this space in my view.

This technology should not have to rely on uber trained experts to get it running and keep it running in my view, that's the throw back to decades old computing that the likes of Richard Stallman, Bill Gates and others fought to deliver us from.


I don't really think your argument makes a great deal of sense. If you are deploying a pc network you still need to configure it properly and deploy security, do maintainence etc. BYOD has very little to do with it, it's about deploying solutions in a robust manner. If you employed a numpty to do your IT deployment and he didn't install anti virus or deploy firewalls you would blame the guy doing the deployment not the tech.

If the people deploying the tech aren't competent then it is their issue not the tech.

Edited for typos

BDFL - Memuneh
58109 posts

Uber Geek
+1 received by user: 9637

Administrator
Trusted
Geekzone
Subscriber

  Reply # 650407 4-Jul-2012 07:45
Send private message

If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.





Mauricio Freitas (Geekzone Admin, Devil's Advocate, my blogtechnology disclosure)

 

Come talk travel on TravelTalk NZ.

Geekzone Price comparison | Geekzone News | Jinglebugs | Legal Movie Services in New Zealand | Payoneer | MightyApe | AliExpress | Amazon | 

24994 posts

Uber Geek
+1 received by user: 4880

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 650414 4-Jul-2012 08:02
Send private message

DonGould:
sbiddle: I encountered a PBX today configured by a big player in the SME PBX sector that's wide open to the world, and their technical staff lacking any knowledge of the security risks, or issue involved. I'm not going to say any more here, but safe to say significant issues are arising as a result of this.


This says a great deal to me about the protocol and the whole space.  Technology should be easy to deploy and manage.

It seems to me that so far this technology is like computers where in the days of main frames and mini's.  It's not mature and only really expected to work in the corporate space.

I've been thinking more about the BYOD debate we had earlier.  Mobile phones are BYOD and work very well. 

Computers are very much BYOD these days and have been for 3 decades.  Even networked computers have been very BYOD for 2 decades since Windows for Work Groups 3.11 made peer to peer networking easy and Windows 95 made it even easier.

BYOD is important to me because it seems the only way to get the message to coms companies that they have to keep delivering more value is to leave them. 



While this issue has nothing to do with a BYOD scenario, you could argue there are issues in common - security.

Anytime a device is hooked up to the internet you're exposing yourself to the entire internet. A 5yr old kid in Russia could find your IP address, as could a bot running from an EC2 instance in the US. In this day in age nobody in their right mind would leave a PC directly connected to the internet without some form of security, whether it be a software or hardware firewall or security appliance. Hooking up a PC at home to a NAT router at least offers some form of additional protection, even without a SPI forewall.

If you're going to expose port 5060 to the internet you need to be fully aware of the risks of doing so, and for this reason alone I would never recommend anybody configure a port forward to a VoIP device unless they fully understand the risks. I would go as far as saying 99% of people don't understand these risks, because they've never had to drive the ambulance to the car crash at the bottom of the hill.

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.

As for mobile phones being a BYOD device - apart from being able to change your API phones are a very locked down device that don't pose anywhere near the same risks. A person isn't going to be charged 60 minutes for a 1 min call because they didn't configure their mobile phone correctly, however this is a very real reality in the VoIP world with a BYOD scenario if configuration options such as SIP timers aren't configured correctly.

BYOD in the mobile world also isn't a perfect solution. If you buy an XT Galaxy S III for example and use it on Vodafone you'll suffer degraded battery life because fast dormancy is disabled in the XT handset, but supported on the Vodafone network. Likewise buy a VF SGS III and use it on XT and you'll suffer from degraded battery life because XT doesn't support fast dormancy and the handset has this enabled.


1407 posts

Uber Geek
+1 received by user: 229

Trusted
Subscriber

  Reply # 650434 4-Jul-2012 08:50
Send private message

 

As for PC's being a BYOD device I couldn't disagree more. No IT manager in their world who has a brain and  wants a secure corporate or business IT network would let anybody bring their own PC to work unless that device belongs to the domanin and appropiate security policies are in place. The risks of letting users stroll up with their home laptop infested with spyware and viruses are simply far too great.




Geez dude, can't you just stop visiting those dodgy voip sites and keep your laptop clean?

Or better yet, get a Mac! they're secure and don't viruses, right....?

Oh wait, that's changed hasnt it....




________
AK

3854 posts

Uber Geek
+1 received by user: 142


  Reply # 650984 4-Jul-2012 22:26
Send private message

freitasm: If you think that simply bringing your own device and plugging to the network is all it takes, you are wrong.


Totally agree, that this my whole argument. 

We really need to get to a point where this technology is plug and play and Cisco should be leading the charge in this space.

I should be able to take a VoIP device from one network to another, and move my numbers with it, as quickly and simply as I can move a domain name and connect my wifi device from one network to another.

I totally agree with everyone who has suggested, stated or hinted that it's not this simple, it should be and we need to work to get it to that point with global standards.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Behind Spark’s slow-burn 4.5G plan
Posted 26-Jun-2017 16:23

Red Hat unveils production-ready open source hyperconverged infrastructure
Posted 23-Jun-2017 22:10

Whatever ailed Vodafone broadband … seems to be fixed
Posted 23-Jun-2017 14:10

VMware NSX Meets Stringent Government Security Standards with Common Criteria Certification
Posted 22-Jun-2017 19:05

Brother launches next-generation colour laser printers and all-in- ones for business
Posted 22-Jun-2017 18:56

Intel and IOC announce partnership
Posted 22-Jun-2017 18:50

Samsung Galaxy Tab S3: Best Android tablet
Posted 21-Jun-2017 12:05

Wellington-based company helping secure Microsoft browsers
Posted 20-Jun-2017 20:51

Endace delivers high performance with new 1/10/40 Gbps packet capture card
Posted 20-Jun-2017 20:50

You can now integrate SMX security into Microsoft Office 365, Google and other cloud email platforms
Posted 20-Jun-2017 20:47

Ravensdown launches new decision-making tool HawkEye
Posted 19-Jun-2017 15:38

Spark planning to take on direct management of all consumer stores
Posted 19-Jun-2017 10:03

Qrious acquires Ubiquity
Posted 14-Jun-2017 12:21

Spark New Zealand prepares for 5G with Nokia
Posted 14-Jun-2017 12:16

The future-proof 10.5-inch iPad Pro
Posted 13-Jun-2017 18:16


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.