[asterisk-security] Sometimes, Reality is far more scary?

Hugh McLenaghan hughmcl at hotmail.com
Mon Oct 14 18:13:43 CDT 2013


It is definitely scary how many IP phone devices out there are unprotected and have their credentials easily crackable.  Luckily most of the people that were at the convention are there for good purposes.   Just think what kind of damage that can be done if the information gets into the wrong hands.   Of course the information is readily accessible, but at the moment I don't think that those who do damage know about the site in the blog.

I'm wondering if it would be smart to set up a communication network to notify or at least assist in notifying all those people with unprotected devices on the internet.  I for one, would be interested and willing to participate in such a 'movement' or security move.   Of course I don't want to get in trouble for attempting to hack which is the other downside here, in that although we're wanting to do this for good, it may end up in hurting us.

These easily hackable devices, may not directly affect us, however at some point it will, as those who have those devices might end up using our networks, and then we'd also be the targets of these attacks.

Thoughts?

            Hugh McLenaghan




> From: asterisk-security-request at lists.digium.com
> Subject: asterisk-security Digest, Vol 74, Issue 1
> To: asterisk-security at lists.digium.com
> Date: Mon, 14 Oct 2013 12:00:02 -0500
> 
> Send asterisk-security mailing list submissions to
> 	asterisk-security at lists.digium.com
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://lists.digium.com/mailman/listinfo/asterisk-security
> or, via email, send a message with subject or body 'help' to
> 	asterisk-security-request at lists.digium.com
> 
> You can reach the person managing the list at
> 	asterisk-security-owner at lists.digium.com
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of asterisk-security digest..."
> 
> 
> Today's Topics:
> 
>    1. Astricon Security Master Class: Sometimes, Reality is far
>       more scary? (Eric Klein)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Mon, 14 Oct 2013 00:14:27 +0300
> From: Eric Klein <eric.klein at greenfieldtech.net>
> To: asterisk-security at lists.digium.com
> Subject: [asterisk-security] Astricon Security Master Class:
> 	Sometimes, Reality is far more scary?
> Message-ID:
> 	<CAD4dZ0=nk3mG7tdReOfjoOHtOZ1QhWGnXtrdaeLGv5+R3hDzgg at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
> 
> New blog entry about what happened in one of the sessions
> http://www.greenfieldtech.net/blog/2013/10/sometimes-reality-is-far-more-scary/
> 
> -- 
> Eric Klein
> Sr. Consultant
> GreenfieldTech
> Mobile +972-54-666-0933
> Email Eric.Klein at greenfieldtech.net
> Skype: EricLKlein
> Web: http://www.greenfieldtech.net/
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.digium.com/pipermail/asterisk-security/attachments/20131014/27aace79/attachment-0001.html>
> 
> ------------------------------
> 
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
> 
> asterisk-security mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-security
> 
> End of asterisk-security Digest, Vol 74, Issue 1
> ************************************************
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-security/attachments/20131014/f0047bf9/attachment.html>


More information about the asterisk-security mailing list