Monthly Archives: May 2014

  • Allworx Phone System Security Updates

    Allworx, a Windstream company, has announced new security practices in response to recent Hacking Issues. 

    Suggested Security Best Practices

    Overview

    One of the primary advantages of the Allworx family of products is its flexibility in configuration and settings in a way that is easy to understand. Security is an important consideration, and we are constantly striving to improve our systems to protect our customers.

    We are investigating reported instances and have seen fraudulent SIP registration attacks that search public IP addresses and gain access to either an Allworx server or, most recently, to remote Allworx handsets not installed behind a firewall. We have also received reports of recent toll fraud incidents in which fraudulent attacks take over the SIP registration of an Allworx handset attached to a public network. This document summarizes the security best practices to prevent security compromises.

    What You Should Do

     It is imperative to use the proper security settings so that hostile, unauthorized attempts to access the system do not result in situations where either remote access or the spoofing of handsets can occur. Most often, the result is unauthorized calling and toll fraud. Compromises usually start with port scans to determine if a host is a candidate for unauthorized access. Disabling the use of ports often discourages a fraudulent attack, and the attacker will move on to another IP.
    • Update Allworx server to the most recent patch level of  7.6 . These patches change each Allworx phone SIP registration passwords during the phone reboot.
    • Install the server behind a firewall or connect it to the public internet using the WAN port. DO NOT connect the Allworx LAN port directly onto the public internet.
    • Disable Allworx WAN services (ports) not in use.
    • Change voicemail ports (SMTP and IMAP) to non-standard port numbers.
    • Change all server admin, phone admin, and user passwords from the default values.
    • Use strong passwords for server and phone administration pages. DO NOT use simple passwords such as “1234″ or “Allworx”.
    • Verify that there is no exposure of the Admin Page (Port 8080) to the Public network. DO NOT port forward directly to the LAN port of an Allworx server from the customer’s router. For remote maintenance, use the Allworx VPN. Navigate to Home > Network > VPN > modify to configure the VPN settings.
    For more information about Allworx please contact Telcom & Data at 800-335-0229
    Allworx, upgrade 7.6, phone system hacking, allworx 6x, phone system support, Upgrade Your Allworx Phone System Against Hacking
  • Spring Storms Wreak Havoc on Telephone Equipment

    Just like Wayne Hancock said Lord I love Thunderstorms and Neon Signs.   In my case I love thunderstorms because there is sure to be an uptick in business as lighting. power outages and power surges wreak havoc on phone systems.  With the weather becoming more severe these days its really important to check and test your UPS battery back up systems for  run time and functionality. Unfortunately for many businesses its usually when you really need your battery back up system to work that you realize it is no longer protecting the data and phone equipment.

    UPS Battery Back UP Protect Your phone and data equipment against severe weather.

    Many older phone systems rely on on board batteries to keep memory. Old batteries eventually go bad and with a power loss the phone system easily losses programming. When this happens the results are predictable voice mail doesn't work, speed dial lists are wiped out, extension numbering may have defaulted. Worst of all it disrupts business and this is if you are lucky.

    If you are unlucky then you end up having a power surge blow up the processor, voice mail system, or power supply.  When this happens you might as well shop for a new phone system because it is hard to determine just how much damage has been done.  Even if you replace major components the system may never work the same way again.

    We recommend a UPS Battery Back Up System on every phone system installation we do. Often times a business owner will want to go and buy his own from OfficeMax or Office Depot and ends up buying the cheapest one available.  The results are the same. We have seen systems that have melted even though the business owner used a small under protected system to take care of their new $ 12,000.00 phone system.

    Please take the time to check out your UPS battery back up situation and make certain you have in place the protection required to keep your business going in the likely event you are hit by severe weather.

    check out all of our on line Minuteman UPS Battery Back Up solutions here. If you need help sizing the right system for your application we can help no matter how large.

    Or call Telcom & Data at 800-335-0229

2 Item(s)