11-21-2017 11:30 PM - edited 03-21-2019 10:41 AM
Been looking at the BT SIN documents in order to get my caller display to work, I can see the caller display info being sent ok to the ATA if the syslog debug output is ok to believe, but considering v.23 protocol was one of the old dial up modem protocols, and the fact the ATA's can parse this date and punt it over the network in the syslog debug output showing caller ID, I wondered if anyone has attempted to use this method to gain access to a network?
Is the firmware secure enough to only accept the data sent according to international standards?
This is only something the telecom providers can do, which makes this close to state level hacking and we know from the Edward Snowden leaks, the Five Eyes did target telecoms companies, but due to having constantly hacked systems despite implementing best practice for security across the board, my systems still keep "playing up". Earlier today, I captured some data when using the syslog audio and debug dump option in a SPA3102 when no phone calls were taking place, so now its made me wonder if this is an exploitable attack vector?
Admittedly most people don't run everything with syslog server on full debug as a matter of course, even capturing all network traffic at multiple points in a network so most probably wont see this sort of thing happening, but as I have unaccounted for data from these syslog messages, its got me thinking, so has anyone tried using this method to gain access to a network?
If so care to share notes? Drop me a pm if required.
Anyone know if its possible to switch off this facility so the ATA's wont accept any v23 data?
TIA
12-01-2017 11:32 PM
v.23 is one of formats that can be configured for transfer of CID data. Those data are transferred during call setup (before first ring or between first and second ring, most of time). Only your's direct peer can send them to you.
I can imagine DoS kind of attach arranged by anyone who have access to last-mile line wires, but nothing more.
12-02-2017 07:57 AM
By the way - if you are interested in security ...
... you should never allow direct communication between ATA gateway and your local phones. There should be a PBX in-between to enforce policy.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide