Random Entry: CME-24
< SA's New Bank Notes | Open Season on CISCO Call Manager >

Telkom and CISCO VoIP

Last week our only¹ telco, Telkom, came to give our IT dept. a variety of talks. One such talk was to show off the VoIP implementations they have started using at some campuses.

The went for a full CISCO implementation. During the talk the lecturer mentioned that CISCO hardware is far easier to maintain and doesn't run on Windows, and is thus, more secure. Just before the talk I had seen this.

I pointed out that there were still security vulnerabilities that needed to be dealt with, made worse by the increase in the number of devices (patched your phone today?), and asked how they have managed patching within deployment. He said you would need to purchase CiscoWorks for centralised patch management, otherwise patching is a tedious process and they usually deploy an engineer on-site.

It is always nice to have a real world example. It seems patching was not a priority to their team. I also got the feeling they only patch their servers. CISCO has the tools, but this just shows how low a priority patching is to many people.

As a side note, the vast expense of the CISCO solution makes an Asterisk based solution far more attractive.

¹They aren't technically a monopoly anymore but reality and theory do not match in this case.

Monday, February 7. 2005
Posted by Dominic White in Masters
Comments (2) | Trackback (1)

Last modified on 2005-02-08 11:18

Trackbacks

Trackback specific URI for this entry

Cisco & Mike Lynn (oh and Blackhat and ISS)
There has been a lot of noise about this issue and I am not going to repeat what has been said. Instead here is a pointer to a good summary of links, Schneier’s take and JOAT’s disclosure point. Cisco did bad. UPDATE: A great interview. Peo

Weblog: .tHE pRODUCT
Tracked: Aug 03, 16:32

Comments

Display comments as (Linear | Threaded)

#1 Guy Halse wrote (Link) (Reply)
Posted on Tuesday, February 8. 2005

Interestingly enough, when I agreed to host this machine in our machine room I brought up the issue of security with Telkom. They are confident that the box (which has some of their own tweaks in addition to the normal Cisco install) is secure, so I got their go-ahead to completely trash the demo box when we finish our trial. As a result we'll let anyone at Rhodes who is interested have a go at 0wning the machine during the last couple of days of the trial. There are only three conditions — you wait until we've finished our evaluation and announce open season on the box, you don't break anything other than the Cisco call manager AND if you get in, you provide us (and in turn, Telkom) with a full disclosure of how you did it. We in turn will waive the bit of the AUP that says you can't do things like this ;-) I'll make details of the machine's IP address, etc available to people at Rhodes when we're done with it. Of course, anyone who isn't at Rhodes and is reading this will need to find their own call manager to break ... :)

#2 Zahir Coovadia (Reply)
Posted on Sunday, February 20. 2005

Need to know about VOIP

Add Comment

Name
Email
Homepage
In reply to
Comment	E-Mail addresses will not be displayed and will only be used for E-Mail notifications. To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above:
	Remember Information? Subscribe to this entry