[VoiceOps] 1. Large VoIP Attacks?
Pawlowski, Adam
ajp26 at buffalo.edu
Tue Nov 26 14:01:18 EST 2013
I don't normally post to this list, as it is more for the SP side of things.
A few weeks back we had a publically exposed LifeSize video conference unit
compromised. It was not installed particularly well, given the limitations to
the administrative PIN code, but it has shell access enabled, and a flash portal
which purportedly has rights execution issues. The vendor has a firewall
device that would place these behind it on private space - was that in play
where your units were attacked? We've since removed these until we can
provide a full video call control infrastructure, to keep from exposing these
appliances, but I figured it was the poor PIN code that was hit, not the device
itself.
Adam Pawlowski
SUNYAB
More information about the VoiceOps
mailing list