cancel
Showing results for 
Search instead for 
Did you mean: 
Ratty2012
Recognised Expert
701 Views
Message 21 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network


@richardcwgate wrote:

First noticed the activity in the asterisk log file. Then used Wireshark to trace the packets.


Sorry, what I meant was how have you detected the inbound SIP connections when the asterisk server has been off?

0 Ratings
richardcwgate
Aspiring Contributor
699 Views
Message 22 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

Wireshark packet trace.

0 Ratings
richardcwgate
Aspiring Contributor
674 Views
Message 23 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

Just to let you know, I've had contact from a higher technical authority in BT and we are now working together to identify the problem. Thanks to BT for getting involved with this.

0 Ratings
zagnome
Aspiring Expert
663 Views
Message 24 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

Nice. Let us know the result. 

0 Ratings
nigma
Contributor
658 Views
Message 25 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

Are you sure this isn't Hole punching ?.. I'm pretty certain SIP does this to get around firewall issues. A simple check is stop astrix and use one of the many online tools that check if a port is open.

0 Ratings
richardcwgate
Aspiring Contributor
652 Views
Message 26 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

Hi, already covered that off. And SIP cannot "punch" holes in a firewall!

0 Ratings
Highlighted
nigma
Contributor
644 Views
Message 27 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

SIP probably cannot - but SIP is never used just alone.

Have you checked if the port is open when Asterix is not running ?
0 Ratings
zagnome
Aspiring Expert
640 Views
Message 28 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network


@nigma wrote:
SIP probably cannot - but SIP is never used just alone.

Have you checked if the port is open when Asterix is not running ?

You would answer your own questions if you read the thread. 

0 Ratings
richardcwgate
Aspiring Contributor
613 Views
Message 29 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

I now have a wireshark trace that has been passed to BT for them to discuss with the HH3 manufacturer.

 

0 Ratings
richardcwgate
Aspiring Contributor
584 Views
Message 30 of 44

Re: Home Hub 3 Security exposure allowing VOIP (SIP) traffic into the internal network

BT and the manufacturer have completed their investigation. The HH3 IS allowing inbound SIP traffic from any internet IP. BUT they say its "working as designed"!

 

Full details here - http://communig8.com/articles/67-technical/143-hh3-security-exposure

0 Ratings