|
Home > Archive > Voice Over IP in UK > July 2005 > Grandstream BT 101 phone hacked?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Grandstream BT 101 phone hacked?
|
|
|
| Hi,
I have a SIP phone (Grandstream BT 101), which I use with Sipgate. However,
yesterday, when I tried to use it, it wouldn't work. I went to the settings
page of the phone, and discovered that the connection details had been
changed. The provider was no longer Sipgate but europasstelecom.com (many
settings had been changed).
I wonder if this is a bug following a self-firmware update, or if some
company hacked the phone to change the provider...
Tom
| |
| Ivor Jones 2005-07-18, 2:45 am |
| Tom wrote:
> Hi,
>
> I have a SIP phone (Grandstream BT 101), which I use with Sipgate.
> However, yesterday, when I tried to use it, it wouldn't work. I
> went to the settings page of the phone, and discovered that the
> connection details had been changed. The provider was no longer
> Sipgate but europasstelecom.com (many settings had been changed).
>
> I wonder if this is a bug following a self-firmware update, or if
> some company hacked the phone to change the provider...
>
> Tom
Interesting, not come across that before. I'll make some enquiries..! Had
the firmware recently updated..?
Ivor
| |
| Paul D.Smith 2005-07-18, 2:45 am |
| Please let us know what you find out! Hacking SIP phones could be a whole
new area of hurt for comsumers!
Although this shouldn't be able to hurt you commerically, it would allow
someone to fish for all your friends numbers, and could even listen in on
your conversations.
Anyone for secured media?...
Paul DS.
| |
|
|
"Tom" <Tom@nospam.com> wrote in message
news:Io6dnVmkZY9X3UbfRVnyuA@pipex.net...
> Hi,
>
> I have a SIP phone (Grandstream BT 101), which I use with Sipgate.
However,
> yesterday, when I tried to use it, it wouldn't work. I went to the
settings
> page of the phone, and discovered that the connection details had been
> changed. The provider was no longer Sipgate but europasstelecom.com (many
> settings had been changed).
>
> I wonder if this is a bug following a self-firmware update, or if some
> company hacked the phone to change the provider...
>
> Tom
>
Hi.
Ok, did you buy this set new? And when you programed it you set the tftp
server to 0.0.0.0 or an address on your network and changed the password.
If not and you left the tftp server address in when it reboots it will look
for the tftp server and update settings as nesesary.
To have "Hacked" it you would have needed port80 open and pointing at the
phone..
I very much doubt its been hacked.
What is even odder is that europasstelecom dont seem to have launched a
service yet!!!! and it looks like a MLM scheme as well, so any type of
advertising is good for dodgy agents.......even just getting the name
outthere....
Ian
| |
| Paul D.Smith 2005-07-18, 7:45 am |
| > Ok, did you buy this set new? And when you programed it you set the tftp
> server to 0.0.0.0 or an address on your network and changed the password.
> If not and you left the tftp server address in when it reboots it will
look
> for the tftp server and update settings as nesesary.
> To have "Hacked" it you would have needed port80 open and pointing at the
> phone..
> I very much doubt its been hacked.
>
> What is even odder is that europasstelecom dont seem to have launched a
> service yet!!!! and it looks like a MLM scheme as well, so any type of
> advertising is good for dodgy agents.......even just getting the name
> outthere....
>
But does upgrading the firmware loose all customer settings? Is there no
facility for upgrading but restoring user configuration?
Paul DS.
| |
|
|
"Paul D.Smith" <paul_d_smith@x-hotmail.com> wrote in message
news:42db928c$0$13702$ed9e5944@reading.news.pipex.net...
password.[vbcol=seagreen]
> look
the[vbcol=seagreen]
>
> But does upgrading the firmware loose all customer settings? Is there no
> facility for upgrading but restoring user configuration?
>
No. But settings can be part of the TFTP process, more info here
http://tanesha.net/Wiki/GratissipTftpd.html. Personly this is the first time
I have heard of a GS being "hacked" and as I mentioned its strange that the
company mentioned doesnt have a service just a MLM scheme of types running.
Ian
| |
|
| Hi,
The software was upgraded automatically apparently. I bought the phone from
new, and originally went to a single page to put my settings. I am using
Sipgate, and also added a password. The phone is also in a DMZ, so not
protected by firewall.
When I then tried to use the phone later on, it wouldn't work, so I logged
on the web interface again, and saw a new interface (three tabs instead of a
single page, so the phone must have downloaded automatically an upgrade from
the manufacturer), and the provider details had changed. The phone wouldn't
connect anyway since I don't have an account with them.
I found all of this very strange. I changed the settings manually back to
Sipgate, and the phone is now working again...
"Ivor Jones" <ivor@despammed.invalid> wrote in message
news:3k0vi6FrrkgnU1@individual.net...
> Tom wrote:
>
> Interesting, not come across that before. I'll make some enquiries..! Had
> the firmware recently updated..?
>
> Ivor
>
>
| |
| VoIP Knowledge 2005-07-26, 7:45 am |
| Settings can be downloaded via TFTP as the GS supports auto-provisioning. My
guess is that you have set the tftp server entry unknowingly to europass's
server. They did have a service called Noodle, which went out of business
before it started.
The Knowledge
"Ian" <spam"AT"bathfordhill.co.uk> wrote in message
news:11dne1hpd2bq4e2@corp.supernews.com...
>
> "Paul D.Smith" <paul_d_smith@x-hotmail.com> wrote in message
> news:42db928c$0$13702$ed9e5944@reading.news.pipex.net...
tftp[vbcol=seagreen]
> password.
> the
a[vbcol=seagreen]
no[vbcol=seagreen]
> No. But settings can be part of the TFTP process, more info here
> http://tanesha.net/Wiki/GratissipTftpd.html. Personly this is the first
time
> I have heard of a GS being "hacked" and as I mentioned its strange that
the
> company mentioned doesnt have a service just a MLM scheme of types
running.
>
> Ian
>
>
|
|
|
|
|