[asterisk-users] Polycom 501 provisioning : how to secure values located in plein text files

C F shmaltz at gmail.com
Wed Jul 26 19:14:40 MST 2006


Use a username and password for the FTP. Of course that also means
that you can't use the default username and password and an extra
config step before deploying the phones, and also that with a network
sniffer s/he can get the username and password.

On 7/26/06, Mike <list at virtutel.ca> wrote:
>
>
> Hello,
>
> This is a follow up question to my issues setting up the Polycom 501 when i
> first received it.  I've been playing with the provisioning aspect, and it
> works great.  My only issue is the following: Its a tradeoff between
> efficient and secured, and I'd like to know if I can have my cake and eat it
> too.
>
> Context: I have 15 phones in my company.  I have an FTP server, that
> contains a directory with a general sip.cfg setup, and 15 phonex.cfg, one
> for each phone.
>
> How can I prevent an educated idiot from getting a phonex.cfg file which
> isnt meant for him, finding out the reg username and reg.password values and
> then passing off as, let's say, his boss and wreaking havoc on the business'
> reputation by getting calls which weren't meant for him...?
>
> Mike
>
>
>
>
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
>



More information about the asterisk-users mailing list