draytel account hack - anyone else?

Discussion in 'UK VOIP' started by tg, Apr 12, 2010.

  1. Name calling when it fits. You are acting like a retarded arse. If you
    really are that thick that you can't work it out then quit wasting
    everyone else's time tosser.
     
    Vicktor Whieste, Apr 16, 2010
    #41
    1. Advertisements

  2. tg

    Bob Eager Guest

    Then you need to learn a bit more about domain names. .org is not
    administered by Nominet - they only do UK domains.
     
    Bob Eager, Apr 16, 2010
    #42
    1. Advertisements

  3. tg

    tg Guest

    but a couple of posts ago you wrote:
    'Nominet have updated the WHOIS entry'
    that's why I went to nominet.
    also, I don't see what's been updated. It's still Phone:+44.00000000 in the
    whois records I see.
     
    tg, Apr 16, 2010
    #43
  4. tg

    tg Guest

    Name calling when it fits. You are acting like a retarded arse. If you
    so you don't have any proof of a definite link.
    dogs bite when they're cornered as well...
     
    tg, Apr 16, 2010
    #44
  5. tg

    Bob Eager Guest

    Sigh. They have updated the draytek.co.uk entry, which (until this
    morning) was set with privacy enabled, saying they were a private
    individual. Once that was opened up, the address became visible and
    matched the already-visible one for draytel.org.

    The draytel.org WHOIS entry isn't held by Nominet, because it's a .org,
    not a .uk.
     
    Bob Eager, Apr 16, 2010
    #45
  6. tg

    alexd Guest

    Having seen your other comments in this thread, and postings in
    comp.dcom.sys.cisco about IOS ACLs, I would be entirely unsurprised if
    your phone system is open to the world, and you have fallen victim to a
    brute force attack. I'm basing this guess purely on what you've written
    on usenet.

    In mitigation however, it does seem a bit odd that Draytel don't want to
    say what IP address the calls were made from, although if you treat
    Draytel staff like you treat people here trying to help you, then I'm
    not surprised they're trying to get rid of you ASAP.
     
    alexd, Apr 16, 2010
    #46
  7. tg

    tg Guest

    very odd. I wonder if the ip addresses were dangerously close to home.
    couldn't give a damn about that. draytel tried to screw me, I don't forgive
    that and besides, I never actually went for anyone in this thread.
     
    tg, Apr 16, 2010
    #47
  8. tg

    Graham. Guest

    I've just exchanged posts with Martin in the thread you started uk.legal

    Assuming you have changed the login password & SIP password, can you
    post here what the original ones were?
    If you don't want to do that, can you at least tell us how they were formatted,
    number of characters/digits etc.
     
    Graham., Apr 17, 2010
    #48

  9. He won't do that - or if he does they won't be correct. It will show him
    up as a complete tit.
     
    Vicktor Whieste, Apr 17, 2010
    #49
  10. tg

    tg Guest

    no, but based on this experience with draytel I see now how the username and
    password - as originally given to me by draytel - were weak and easy to
    hack.
     
    tg, Apr 17, 2010
    #50
  11. tg

    Graham. Guest

    OK.
    Can you see how that is more thought out than a vague "Draytel hacked my account"?
    Is it true that when you signed up, the SIP password they issued was numbers only, so it could be dialled
    on a phone to access a call-through service they provided?
    If so how many digits?
    Was it possible to change it?

    When they changed their password policy to what it is now (which is good IMHO) did they email
    you encouraging you to change it?
     
    Graham., Apr 17, 2010
    #51
  12. tg

    Bob Eager Guest

    And did they tell you to change it as soon as you got it? I seem to
    recall that you said you were using the same one still...when you got
    hacked.
     
    Bob Eager, Apr 17, 2010
    #52
  13. tg

    tg Guest

    OK.
    I never said draytel hacked my account, I said my account got hacked at
    draytels end.
    don't know about that, I find it puzzling sorry
    I expect it was possible to change it but security is primarily draytels
    problem. With the equipment I use it's a job and a half getting the sip
    trunk up, and when you first get a sip service up and running the last thing
    I want to do is start changing things.
    no
     
    tg, Apr 17, 2010
    #53
  14. tg

    tg Guest

    And did they tell you to change it as soon as you got it?

    no
    that's correct
     
    tg, Apr 17, 2010
    #54
  15. tg

    Graham. Guest

    Presumably the hacker unlawfully made the calls in the same way as you
    lawfully make them. This constant insistence that it was "Hacked at Draytel's end"
    is superfluous and done for effect IMHO. When you make calls, are you making
    them from Draytels end? Sorry to bang on about this, but you do your argument no good
    if you pepper it with irrelevances.

    I do have some sympathy with you however, because if that poster on uk.legal
    it right Draytel did have an abominable password policy at one time.
    It is bad form to issue a weak password and expect the user to create a stronger one

    I suggest you focus on only that with your complaint to Draytel.
    You still haven't told us how weak or strong the passwords* were.

    *Plural because the password to log onto the web portal is equally important.
     
    Graham., Apr 17, 2010
    #55
  16. Koos van den Hout, Apr 19, 2010
    #56
  17. tg

    Graham. Guest

    Interesting that it assumed people would know what Amazon EC2 is, you would think
    a short explanation would be appropriate.

    I hadn't heard of it, but I've now acquired some basic overview knowledge.
     
    Graham., Apr 19, 2010
    #57
  18. tg

    alexd Guest

    Interesting that I couldn't conceive of someone who knows how to program
    a SIP endpoint *not* knowing what EC2 is ;-)
     
    alexd, Apr 19, 2010
    #58
  19. One of those things which has turned 'normal' to me because of what I do
    and who I communicate with. Trying to explain the whole concept, let alone
    how this is a commercial service, to people who aren't as aware of what
    happens exactly when they visit a website may be challenging.

    To get the subject back to VoIP: in other contexts, even aware of computers
    and Internet, SIP may be an unknown use of Internet.

    Koos
     
    Koos van den Hout, May 5, 2010
    #59
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.