[cisco-voip] Your Associated Webex Sites

Mon Sep 9 13:02:33 EDT 2019

I don't know Brian.  My work email is only associated to a single password,
not multiple.  Ask me for my password, and then show me my list of sites.
Makes sense in my head.

On Mon, Sep 9, 2019 at 9:59 AM Brian Meade <bmeade90 at vt.edu> wrote:

> This would be a big change most likely on the Webex side.  They can't
> authenticate until they know which site and manually entering site URL's is
> probably a no-go for end users.  A bit similar to Zoom's issue trying to
> focus more on faster join times/easier experience over security.
>
> On Mon, Sep 9, 2019 at 10:01 AM Anthony Holloway <
> avholloway+cisco-voip at gmail.com> wrote:
>
>> Exactly!  Ok, so now you are seeing what I am seeing.  Just imagine if
>> one were so inclined to use Fiddler to see what call the app was making to
>> the cloud, and then use that knowledge in a python script to automate the
>> scraping of this data.  Not that I did that.  Laughs in PSIRT.
>>
>> On Mon, Sep 9, 2019 at 8:56 AM Brian Meade <bmeade90 at vt.edu> wrote:
>>
>>> I just did some testing here.  I'm also seeing some Control Hub-only
>>> customers in my list.  I'm set as a partner admin only for those accounts.
>>>
>>> On Mon, Sep 9, 2019 at 9:32 AM Matthew Loraditch <
>>> MLoraditch at heliontechnologies.com> wrote:
>>>
>>>> Ohhhhh, Interesting. Everyone we have is on CI and Control Hub, so I
>>>> don’t see other sites.
>>>>
>>>>
>>>>
>>>>
>>>> Matthew Loraditch
>>>> Sr. Network Engineer
>>>> p: *443.541.1518* <443.541.1518>
>>>> w: *www.heliontechnologies.com* <http://www.heliontechnologies.com/>
>>>>  |  e: *MLoraditch at heliontechnologies.com*
>>>> <MLoraditch at heliontechnologies.com>
>>>> [image: Helion Technologies] <http://www.heliontechnologies.com/>
>>>> [image: Facebook] <https://facebook.com/heliontech>
>>>> [image: Twitter] <https://twitter.com/heliontech>
>>>> [image: LinkedIn]
>>>> <https://www.linkedin.com/company/helion-technologies>
>>>> *From:* Brian Meade <bmeade90 at vt.edu>
>>>> *Sent:* Monday, September 9, 2019 9:25 AM
>>>> *To:* Matthew Loraditch <MLoraditch at heliontechnologies.com>
>>>> *Cc:* Anthony Holloway <avholloway+cisco-voip at gmail.com>; Charles
>>>> Goldsmith <w at woka.us>; Cisco VoIP Group <cisco-voip at puck.nether.net>
>>>> *Subject:* Re: [cisco-voip] Your Associated Webex Sites
>>>>
>>>>
>>>>
>>>> I think the issue he's talking about is when logging in to something
>>>> such as the Webex Meetings App.  After entering your email address, you get
>>>> a list of sites to choose from.  Technically you could enter anyone's email
>>>> address and see what Webex sites they have an account on.
>>>>
>>>>
>>>>
>>>> This mostly seems to be Site Admin sites since you can't have the same
>>>> email in 2 different control hub organizations.
>>>>
>>>>
>>>>
>>>> On Mon, Sep 9, 2019 at 8:15 AM Matthew Loraditch <
>>>> MLoraditch at heliontechnologies.com> wrote:
>>>>
>>>> The only list I can think of is behind the sign in screen for webex
>>>> admin and it only lists the accounts you have been given access to so I’m
>>>> not sure how or why this would ever be a problem? It’s no different than
>>>> looking at my deal list in CCW or say your accounting departments list of
>>>> accounts? Unless I’m missing what you are thinking about?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> *Matthew Loraditch***
>>>>
>>>> *Sr. Network Engineer*
>>>>
>>>> p: *443.541.1518* <443.541.1518>
>>>>
>>>> w: *www.heliontechnologies.com* <http://www.heliontechnologies.com/>
>>>>
>>>>  |
>>>>
>>>> e: *MLoraditch at heliontechnologies.com*
>>>> <MLoraditch at heliontechnologies.com>
>>>>
>>>> [image: Helion Technologies] <http://www.heliontechnologies.com/>
>>>>
>>>> [image: Facebook] <https://facebook.com/heliontech>
>>>>
>>>> [image: Twitter] <https://twitter.com/heliontech>
>>>>
>>>> [image: LinkedIn]
>>>> <https://www.linkedin.com/company/helion-technologies>
>>>>
>>>> *From:* cisco-voip <cisco-voip-bounces at puck.nether.net> *On Behalf Of *Anthony
>>>> Holloway
>>>> *Sent:* Monday, September 9, 2019 8:11 AM
>>>> *To:* Charles Goldsmith <w at woka.us>
>>>> *Cc:* Cisco VoIP Group <cisco-voip at puck.nether.net>
>>>> *Subject:* Re: [cisco-voip] Your Associated Webex Sites
>>>>
>>>>
>>>>
>>>> Correct, mostly for Partners, since:
>>>>
>>>>
>>>>
>>>> A) We have a higher quantity than end customers
>>>>
>>>> B) The list of sites acts like a list of customers we do business with
>>>> (past, current and future)
>>>>
>>>> C) Lists off all end customer sites too (which, depending on how the
>>>> site names are being used, could give insight into the business; E.g.,
>>>> divisions, project names, future name changes indicating: splits, mergers,
>>>> re-branding, etc.
>>>>
>>>>
>>>>
>>>> However, I would think it would apply to end customers themselves too.
>>>> Not only for option C above, but I can also see a situation where if two
>>>> customer names were put side-by-side on the same list, that could cause an
>>>> issue.
>>>>
>>>>
>>>>
>>>> On Mon, Sep 9, 2019 at 1:04 AM Charles Goldsmith <w at woka.us> wrote:
>>>>
>>>> Lelio, I think this mainly applies to partners, since we can see our
>>>> customer sites.
>>>>
>>>>
>>>>
>>>> Anthony, I don't think there is a public listing of your sites, not
>>>> that I've seen anyway.
>>>>
>>>>
>>>>
>>>> On Mon, Sep 9, 2019 at 12:07 AM Lelio Fulgenzi <lelio at uoguelph.ca>
>>>> wrote:
>>>>
>>>>
>>>>
>>>> I’m not quite sure I understand the question.
>>>>
>>>>
>>>>
>>>> Are you asking about a public index of sites?
>>>>
>>>>
>>>>
>>>> I know that configuration-wise, you can choose to list meetings on a
>>>> site. We’ve chosen to not do that. So the worst that can happen is some
>>>> gets to our WebEx landing page.
>>>>
>>>>
>>>>
>>>> I’m not sure what hiding a site helps with. Or helps deter.
>>>>
>>>>
>>>>
>>>> I mean, I’ve got our site listed on our service pages. They’re not
>>>> restricted, so anyone can find it.
>>>>
>>>>
>>>>
>>>> Logins are protected by SSO, so we’ve got that going too.
>>>> Protection-wise, I mean.
>>>>
>>>>
>>>>
>>>> Is there something I’m missing?
>>>>
>>>>
>>>>
>>>> Are you gonna make me loose sleep now!??? :)
>>>>
>>>>
>>>>
>>>> *-sent from mobile device-*
>>>>
>>>>
>>>>
>>>> *Lelio Fulgenzi, B.A.* | Senior Analyst
>>>>
>>>> Computing and Communications Services | University of Guelph
>>>>
>>>> Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON |
>>>> N1G 2W1
>>>>
>>>> 519-824-4120 Ext. 56354 <519-824-4120;56354> | lelio at uoguelph.ca
>>>>
>>>>
>>>>
>>>> www.uoguelph.ca/ccs | @UofGCCS on Instagram, Twitter and Facebook
>>>>
>>>>
>>>>
>>>>
>>>> On Sep 8, 2019, at 2:45 PM, Anthony Holloway <
>>>> avholloway+cisco-voip at gmail.com> wrote:
>>>>
>>>> All,
>>>>
>>>>
>>>>
>>>> I want to take the pulse on a topic here, relating to your list of
>>>> associated Webex sites, and whether or not they are private to you, or if
>>>> they should be public information.
>>>>
>>>>
>>>>
>>>> I was talking with a colleague about this ever growing list of
>>>> customers we work with being cataloged by Webex in the fact that we keep
>>>> getting associated to more and more customers, and what potential issue
>>>> this may cause if the site list were to be viewed by just anyone on the
>>>> internet.
>>>>
>>>>
>>>>
>>>> Would you want your site list (whether end customer or partner admin)
>>>> protected from view of others, or is it not that big of a deal?
>>>>
>>>>
>>>>
>>>> And I guess as a follow up, is this list protected today, or is there a
>>>> means by which my list can be exposed to the public relatively easily?
>>>>
>>>> _______________________________________________
>>>> cisco-voip mailing list
>>>> cisco-voip at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>>
>>>> _______________________________________________
>>>> cisco-voip mailing list
>>>> cisco-voip at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>>
>>>> _______________________________________________
>>>> cisco-voip mailing list
>>>> cisco-voip at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>>
>>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 431 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 561 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 444 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 6884 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image354655.png
Type: image/png
Size: 9409 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image819158.png
Type: image/png
Size: 431 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image663219.png
Type: image/png
Size: 561 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003980.png
Type: image/png
Size: 444 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20190909/504fe305/attachment-0007.png>