We are being advised that we should buy ControlPhreak a PBX firewall to prevent Phreaking. Wondered if other schools perceive phreaking as a real threat and what they have done about it. Please can a few of you share your thoughts on what, if anything, you use to protect against this threat and what you think of the software or hardware that you are using.
In general we just change the default configuration passwords on the PBX as that seems to be the main attack vector. This is ineffective if they get the master service code but in most cases I've heard of it is simply people using the default passwords that they can get right out of the manual.
This is the main line of attack and so we have changed default passwords. However, I am told that software and / or hardware is freely available on the web that will try all ten thousand password combinations in minutes.
I'm not sure how true this is or if it's just scaremongering - it doesn't sound like something that would be too difficult to accomplish. I'm thus surprisedd that there didn't seem to be a whole load of cheap alternatives to ControlPhreak.
Wonder if anyone else has any further views on the subject...
The other thing that you can do depending on the system is switch off the ability to log into it from any other interface other than the internal one. This secures the administration side of it from all but software bugs in the system. This limits the attack surface but does make it more difficult to maintain.
The only thing that I can see the direwall helping with is detecting multiple failed logon attempts if the system is setup right and maybe giving an extra level of protection for PBX software bugs.