Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > VOIP > Safe to put a Linksys 3000 in a DMZ

Reply
Thread Tools

Safe to put a Linksys 3000 in a DMZ

 
 
Dave
Guest
Posts: n/a
 
      04-18-2006
Just wondering is it safe to put a Linksys 3000 ATA on a router's DMZ, is it
likely to get hacked being 'wide open'

Dave.

 
Reply With Quote
 
 
 
 
Ivor Jones
Guest
Posts: n/a
 
      04-19-2006


"Dave" <(E-Mail Removed)> wrote in message
news:44451c32$0$29192$(E-Mail Removed)
> Just wondering is it safe to put a Linksys 3000 ATA on a
> router's DMZ, is it likely to get hacked being 'wide open'
>
> Dave.


What exactly would anyone be able to hack in an ATA..?

Ivor


 
Reply With Quote
 
 
 
 
William P.N. Smith
Guest
Posts: n/a
 
      04-19-2006
"Ivor Jones" <(E-Mail Removed)> wrote:
>"Dave" <(E-Mail Removed)> wrote in message
>> Just wondering is it safe to put a Linksys 3000 ATA on a
>> router's DMZ, is it likely to get hacked being 'wide open'


>What exactly would anyone be able to hack in an ATA..?


Well, you could attach to it and make outgoing phone calls on Dave's
dime...
 
Reply With Quote
 
Dave
Guest
Posts: n/a
 
      04-19-2006

"William P.N. Smith" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "Ivor Jones" <(E-Mail Removed)> wrote:
> >"Dave" <(E-Mail Removed)> wrote in message
> >> Just wondering is it safe to put a Linksys 3000 ATA on a
> >> router's DMZ, is it likely to get hacked being 'wide open'

>
> >What exactly would anyone be able to hack in an ATA..?

>
> Well, you could attach to it and make outgoing phone calls on Dave's
> dime...


EXACTLY what I was thinking someone hacking there way in and taking my
details and using my account .....
Not sure how vulnerable a ATA is, also maybe possible to hack back into the
network via the ATA....??

Dave..

 
Reply With Quote
 
Ivor Jones
Guest
Posts: n/a
 
      04-19-2006


"Dave" <(E-Mail Removed)> wrote in message
news:4445e989$0$19704$(E-Mail Removed)
> "William P.N. Smith" <(E-Mail Removed)> wrote in
> message news:(E-Mail Removed)...
> > "Ivor Jones" <(E-Mail Removed)> wrote:
> > > "Dave" <(E-Mail Removed)> wrote in message
> > > > Just wondering is it safe to put a Linksys 3000 ATA
> > > > on a router's DMZ, is it likely to get hacked being
> > > > 'wide open'

> >
> > > What exactly would anyone be able to hack in an ATA..?

> >
> > Well, you could attach to it and make outgoing phone
> > calls on Dave's dime...

>
> EXACTLY what I was thinking someone hacking there way in
> and taking my details and using my account .....
> Not sure how vulnerable a ATA is, also maybe possible to
> hack back into the network via the ATA....??


I can't see how.

Ivor


 
Reply With Quote
 
William P.N. Smith
Guest
Posts: n/a
 
      04-19-2006
"Ivor Jones" <(E-Mail Removed)> wrote:
>> "William P.N. Smith" <(E-Mail Removed)> wrote in


>> > Well, you could attach to it and make outgoing phone
>> > calls on Dave's dime...


>I can't see how.


Well, it's got an FXO port, which Dave has attached to his incoming
POTS line. If I can get at it, I can make calls (including long
distance calls and $500/min 900 calls, which I've previously arranged
to get a cut of) on Dave's POTS line.
 
Reply With Quote
 
Ivor Jones
Guest
Posts: n/a
 
      04-19-2006


"William P.N. Smith" <(E-Mail Removed)> wrote in
message news:(E-Mail Removed)
> "Ivor Jones" <(E-Mail Removed)> wrote:
> > > "William P.N. Smith" <(E-Mail Removed)>
> > > wrote in

>
> > > > Well, you could attach to it and make outgoing phone
> > > > calls on Dave's dime...

>
> > I can't see how.

>
> Well, it's got an FXO port, which Dave has attached to
> his incoming POTS line. If I can get at it, I can make
> calls (including long distance calls and $500/min 900
> calls, which I've previously arranged to get a cut of) on
> Dave's POTS line.


I can see what you're getting at, but I can't see how you would achieve
it. In almost 2 years of using VoIP on a day to day basis I have never
heard of an ATA being "hacked" in the manner you describe. An ATA isn't
the same thing as a PC. I am prepared to be proven wrong, but it's not
something I have ever heard of happening, or even discussed before now.


Ivor


 
Reply With Quote
 
B. Wright
Guest
Posts: n/a
 
      04-21-2006
Ivor Jones <(E-Mail Removed)> wrote:


> "William P.N. Smith" <(E-Mail Removed)> wrote in
> message news:(E-Mail Removed)
> > "Ivor Jones" <(E-Mail Removed)> wrote:
> > > > "William P.N. Smith" <(E-Mail Removed)>
> > > > wrote in

> >
> > > > > Well, you could attach to it and make outgoing phone
> > > > > calls on Dave's dime...

> >
> > > I can't see how.

> >
> > Well, it's got an FXO port, which Dave has attached to
> > his incoming POTS line. If I can get at it, I can make
> > calls (including long distance calls and $500/min 900
> > calls, which I've previously arranged to get a cut of) on
> > Dave's POTS line.


> I can see what you're getting at, but I can't see how you would achieve
> it. In almost 2 years of using VoIP on a day to day basis I have never
> heard of an ATA being "hacked" in the manner you describe. An ATA isn't
> the same thing as a PC. I am prepared to be proven wrong, but it's not
> something I have ever heard of happening, or even discussed before now.


Ivor, that's a dangerous assumption to be made really. You're
trusting that there's NO possible way that Sipura has a security hole.
Regardless of the fact that it doesn't run a traditional OS, it has an
embedded operating system of sorts and devices like this have security
flaws as well. Just because it hasn't happened yet doesn't mean it
won't happen, remember when (if you've used the internet long enough you
well) the internet was "safe" and no one got hacked, was this because
none of the systems had security problems? No, security was laughable,
it was just the fact that there were a lot less monkeys out there with a
desire to do such things. Once something becomes more interesting and
widespread (and VoIP has already become this) it is a huge target of
interest to be hacked. One very obvious problem with the Sipura is the
access to the web interface doesn't even support SSL! When it comes to
security it's better not to make assumptions and be overly paranoid than
to be overly sloppy and find out later you were wrong. I believe that,
even behind some type of security device, SIP devices are still going to
have exploits exposed.

Imagine you're on an extended trip, halfway around the world,
using your SPA-3000 for communication and it's hooked onto the local
phone line so you can make outgoing local calls as well. Now, you've
left it in the DMZ and it gets hacked. What are you going to do?
Call and cancel your phone line it's connected to in order to mitigate
the damages?

 
Reply With Quote
 
Ivor Jones
Guest
Posts: n/a
 
      04-21-2006


"B. Wright" <(E-Mail Removed)> wrote in message
news:e29crt$qm8$(E-Mail Removed)

[snip]

> Imagine you're on an extended trip, halfway around the
> world,
> using your SPA-3000 for communication and it's hooked
> onto the local phone line so you can make outgoing local
> calls as well. Now, you've left it in the DMZ and it
> gets hacked. What are you going to do?
> Call and cancel your phone line it's connected to in
> order to mitigate the damages?


Ok, but let me hear of an actual *documented* case where it has happened
before I get paranoid.

Many systems, SIP included, by their very nature have to be seen by the
outside world in order to work. Even if they're not in the DMZ (they're
not here), are my ATA's going to be hacked..?

Ivor


 
Reply With Quote
 
Arun Khan
Guest
Posts: n/a
 
      05-01-2006
Dave wrote:

>
> "William P.N. Smith" <(E-Mail Removed)> wrote in message
>> Well, you could attach to it and make outgoing phone calls on Dave's
>> dime...

>
> EXACTLY what I was thinking someone hacking there way in and taking my
> details and using my account .....
> Not sure how vulnerable a ATA is, also maybe possible to hack back into
> the network via the ATA....??


What is the alternative if one wants to use the VoIP number for *inbound*
calls? Just like any other Internet node, you have to keep your ATA
firmware updated to the latest version.

It would be nice if the device manufacturers and service providers can
provide a "security announcement" list for such updates.

If you are going to use the device for outbound calls only then you can
place the ATA behind a firewall and it should work.

-- Arun Khan
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Allow smtp traffic from DMZ to Inside, without DMZ loosing Internet connection? morten Cisco 4 09-04-2007 01:48 PM
Cisco PIX DMZ to DMZ Access Network-Guy Cisco 7 09-25-2005 08:28 PM
how to config 515-e-dmz dmz routes & ACL? JohnC Cisco 9 12-07-2004 09:14 AM
Re: Those cute little "WORK-SAFE" / "NOT WORK-SAFE" tags that people put in the Subject headers of their posts... Soapy Digital Photography 1 08-16-2004 12:07 PM
Re: Those cute little "WORK-SAFE" / "NOT WORK-SAFE" tags that people put in the Subject headers of their posts... Soapy Digital Photography 1 08-16-2004 06:24 AM



Advertisments