[Asterisk-Users] Cordless vs Wireless phones

Harry McGregor hmcgregor at espri.arizona.edu
Mon Nov 8 16:14:21 MST 2004


On Mon, 2004-11-08 at 16:27 -0600, Michael Giagnocavo wrote:
> >The WiSIP phone supports WEP 128 encryption. Not sure if it supports WPA
> >encryption, but that'd be your best bet. I'd use maximum encryption, and
> >separate your AP from your regular network. Just plug an AP into another
> >Ethernet card on your Asterisk server. The phones only need to talk to the
> >Asterisk server, no internet access or anything else. So even if somebody
> >spent the time it'd take to break the encryption, they don't get internet
> >or
> >access to workstation or servers or anything. 
> 
> WEP is quite broken. Probably not even worth enabling, even with 128-bit key
> lengths. Then again, if they are using analog cordless phones, those are
> probably purely unencrypted, so it's pretty much the same.

WEP is not as broken as you might think, it takes a fair amount of time
and traffic to break.  It is also statement of "this network is not for
you", and thus you have a far better claim at breaking and entering that
you do without wep.

Think of it as a dinky little $0.50 padlock on your storage shed.  If a
thief cuts the lock, they are in a lot more trouble than just opening
the door.

Separate WLAN (ie not with your normal phones, and not with your
workstations), and WEP (even 64 bit) will keep people out of it.  Not
having a default route as well will help if they do break in, and MAC
address locking on the AP is another good one to use.

All of these together, like car thief's, will drive the person on to the
next AP, instead of working on breaking into yours.

			Harry

> -Michael
> 
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Kubat, Philip
> Sent: Monday, November 08, 2004 2:19 PM
> To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
> Subject: [Asterisk-Users] Cordless vs Wireless phones
> 
> We currently have an Asterisk installation and need to add cordless /
> wireless phones.  Requirements are these phone need to be equals to the
> "wired" devices, i.e. dedicated buttons for hold, transfer, etc. , e.g. not
> an ATA connected analog phone cordless phone.  Was thinking of using 802.11b
> SIP phones (etc), but this opens up all the security concerns of 802.11 and
> the network.  Do any of these phone support VPNs?   Have to isolate the WLAN
> from the LAN.
> 
> If not is there a SIP (or any other Asterisk channel) device that is a
> "cordless  phone".  Some things like combining an ATA w/a cordless phone?
> But as one device with all the "digital" features?
> 
> Thanks!
> Phil
> 
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> 
> 
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> 
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
-- 
Harry McGregor, Computing Manager
Tucson Support Group - U.S. Geological Survey
University of Arizona - Environment and Natural Resource Building
520-670-5574 (office) - hmcgregor at espri.arizona.edu
520-661-7875 (Cell) - hmcgregor at usgs.gov

The opinions/statements expressed herein are my own and should
not be taken as a position, opinion, or endorsement of the
University of Arizona or the U.S. Geological Survey.




More information about the asterisk-users mailing list