« Telephony Denial of Service (TDoS) Webinar Link | Main | Voice/VoIP Security Toll Fraud List of Attack »

November 03, 2010

Comments

Justincardinal

The story almost seems to suggest they were allowing anyone to authenticate against the system, or using extensions with blank passwords or something. Allowing remote SIP connections is one thing, but allowing them from anyone without requiring even a password is something else. I'd definitely be interested to hear if you get more info. I'm trying to understand whether this was absolutely terrible security, or if I'm missing something.

Mark Collier

Thanks for the comment. I will post more info as soon as I get it.

The comments to this entry are closed.

My Photo

Search Blog

  • Search Blog
    Google

    WWW
    voipsecurityblog.typepad.com

Become a Fan

Telephony Denial of Service (TDoS)