[asterisk-biz] PBX got Hacked

BJ Weschke bweschke at gmail.com
Fri Feb 13 13:30:56 CST 2009


Gregory Boehnlein wrote:
>>> I think most experienced *nix administrators can handle their own
>>> IPTables, OpenVPN, and whatever else.
>>>
>>>       
>>  I think maybe you misread my post. I don't think it's propaganda at
>> all. Switchvox, apparently, instructs you to put their device behind a
>> firewall. If you don't, then just like doing a poor plumbing job,
>> you're a prime candidate for "leaks" and things that come with "leaks"
>> down the line.
>>
>>  With regard to your post, "I think most experienced *nix
>> administrators can handle their own IPTables, OpenVPN, and whatever
>> else.". Yes. I totally agree, but as someone already raised the point,
>> how many of the authorized SwitchVox resellers actually have
>> "experienced *nix administrators" on staff?   I sincerely doubt that's
>> one of their requirements to become a reseller, and while I do
>> understand it, I think to not have at least one of those types of
>> people on staff with those types of skills *should* be a requirement
>> for a good reseller.
>>     
>
> I would have to agree with this assessment. Many of the installers that are
> out there trying to migrate from the Telephony world to the IP Converged
> world have absolutely no concept of Network security. Conversely, a lot of
> the Data focused service providers have little understanding of the world of
> Telephony.
>
> It is one of the most common problems that I run into in the field..
> Resellers and installers that have not done their homework, do not
> understand the complex engineering requirements of a Converged IP network
> and are just trying to stay afloat in a quickly shifting environment. In
> fact, I recently remarked to a co-worker that it seems that the majority of
> the consulting work that I'm doing is "Network Janitorial Services" where I
> am mopping up the complete messes created by clueless resellers.
>
> That being said, Switchvox is an appliance. Think of it like a toaster that
> does one thing really well; make toast. In Switchvox's case, it is designed
> to make it easier to deploy IP and PSTN communications. They don't claim the
> system to be anything other than a PBX.
>
> Go ask Vodavi or Panasonic if they can provide firewalling services in their
> IP PBX products, and tell me what response you get.. More than likely they
> will give you a blank stare and ask "what is a firewall?".
>
> Here is the way that I view it. If I install a system for a customer, it is
> my obligation to inform the customer of their options and the liabilities
> inherent in any choices that they might make. That requires understanding of
> the system you are selling, and the architectures under which that system
> works best. If I don't know what I'm selling, how to secure it, install it,
> adhere to best-practices, then I'm ripping off my customer and shouldn't
> really be in the business of installing an IP system in the first place.
>
>
>
>   

 Amen to that damin! 'Nuff said! :-)

-- 
--
Bird's The Word Technologies, Inc.
http://www.btwtech.com/






More information about the asterisk-biz mailing list