+ Post New Thread
Results 1 to 4 of 4
General Chat Thread, PBX Firewall in General; We are being advised that we should buy ControlPhreak a PBX firewall to prevent Phreaking. Wondered if other schools perceive ...
  1. #1

    Join Date
    Jan 2007
    Location
    EduAction, Waltham Forest LEA
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    PBX Firewall

    We are being advised that we should buy ControlPhreak a PBX firewall to prevent Phreaking. Wondered if other schools perceive phreaking as a real threat and what they have done about it. Please can a few of you share your thoughts on what, if anything, you use to protect against this threat and what you think of the software or hardware that you are using.

    Thanks

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,174
    Thank Post
    868
    Thanked 2,702 Times in 2,289 Posts
    Blog Entries
    11
    Rep Power
    773
    In general we just change the default configuration passwords on the PBX as that seems to be the main attack vector. This is ineffective if they get the master service code but in most cases I've heard of it is simply people using the default passwords that they can get right out of the manual.

  3. #3

    Join Date
    Jan 2007
    Location
    EduAction, Waltham Forest LEA
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    This is the main line of attack and so we have changed default passwords. However, I am told that software and / or hardware is freely available on the web that will try all ten thousand password combinations in minutes.

    I'm not sure how true this is or if it's just scaremongering - it doesn't sound like something that would be too difficult to accomplish. I'm thus surprisedd that there didn't seem to be a whole load of cheap alternatives to ControlPhreak.

    Wonder if anyone else has any further views on the subject...

  4. #4

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,174
    Thank Post
    868
    Thanked 2,702 Times in 2,289 Posts
    Blog Entries
    11
    Rep Power
    773
    The other thing that you can do depending on the system is switch off the ability to log into it from any other interface other than the internal one. This secures the administration side of it from all but software bugs in the system. This limits the attack surface but does make it more difficult to maintain.

    The only thing that I can see the direwall helping with is detecting multiple failed logon attempts if the system is setup right and maybe giving an extra level of protection for PBX software bugs.

SHARE:
+ Post New Thread

Similar Threads

  1. Endian Firewall
    By Craig_W in forum *nix
    Replies: 10
    Last Post: 6th July 2007, 04:23 PM
  2. no firewall etc
    By ptrainor1 in forum Wireless Networks
    Replies: 15
    Last Post: 22nd October 2006, 09:34 PM
  3. Windows Firewall
    By GrumbleDook in forum Windows
    Replies: 16
    Last Post: 31st August 2005, 12:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •