A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.voip (UK VOIP)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.voip (UK VOIP) (uk.telecom.voip) Discussion of topics relevant to packet based voice technologies including Voice over IP (VoIP), Fax over IP (FoIP), Voice over Frame Relay (VoFR), Voice over Broadband (VoB) and Voice on the Net (VoN) as well as service providers, hardware and software for use with these technologies. Advertising is not allowed.

Grandstream BT 101 phone hacked?



 
 
Thread Tools Display Modes
  #1  
Old July 18th 05, 06:40 AM posted to uk.telecom.voip
Tom
external usenet poster
 
Posts: 16
Default Grandstream BT 101 phone hacked?

Hi,

I have a SIP phone (Grandstream BT 101), which I use with Sipgate. However,
yesterday, when I tried to use it, it wouldn't work. I went to the settings
page of the phone, and discovered that the connection details had been
changed. The provider was no longer Sipgate but europasstelecom.com (many
settings had been changed).

I wonder if this is a bug following a self-firmware update, or if some
company hacked the phone to change the provider...

Tom


  #2  
Old July 18th 05, 07:12 AM posted to uk.telecom.voip
Ivor Jones
external usenet poster
 
Posts: 3,969
Default Grandstream BT 101 phone hacked?

Tom wrote:
Hi,

I have a SIP phone (Grandstream BT 101), which I use with Sipgate.
However, yesterday, when I tried to use it, it wouldn't work. I
went to the settings page of the phone, and discovered that the
connection details had been changed. The provider was no longer
Sipgate but europasstelecom.com (many settings had been changed).

I wonder if this is a bug following a self-firmware update, or if
some company hacked the phone to change the provider...

Tom


Interesting, not come across that before. I'll make some enquiries..! Had
the firmware recently updated..?

Ivor


  #3  
Old July 18th 05, 10:22 AM posted to uk.telecom.voip
Ian
external usenet poster
 
Posts: 289
Default Grandstream BT 101 phone hacked?


"Tom" wrote in message
...
Hi,

I have a SIP phone (Grandstream BT 101), which I use with Sipgate.

However,
yesterday, when I tried to use it, it wouldn't work. I went to the

settings
page of the phone, and discovered that the connection details had been
changed. The provider was no longer Sipgate but europasstelecom.com (many
settings had been changed).

I wonder if this is a bug following a self-firmware update, or if some
company hacked the phone to change the provider...

Tom

Hi.

Ok, did you buy this set new? And when you programed it you set the tftp
server to 0.0.0.0 or an address on your network and changed the password.
If not and you left the tftp server address in when it reboots it will look
for the tftp server and update settings as nesesary.
To have "Hacked" it you would have needed port80 open and pointing at the
phone..
I very much doubt its been hacked.

What is even odder is that europasstelecom dont seem to have launched a
service yet!!!! and it looks like a MLM scheme as well, so any type of
advertising is good for dodgy agents.......even just getting the name
outthere....

Ian


  #4  
Old July 18th 05, 12:29 PM posted to uk.telecom.voip
Paul D.Smith
external usenet poster
 
Posts: 287
Default Grandstream BT 101 phone hacked?

Ok, did you buy this set new? And when you programed it you set the tftp
server to 0.0.0.0 or an address on your network and changed the password.
If not and you left the tftp server address in when it reboots it will

look
for the tftp server and update settings as nesesary.
To have "Hacked" it you would have needed port80 open and pointing at the
phone..
I very much doubt its been hacked.

What is even odder is that europasstelecom dont seem to have launched a
service yet!!!! and it looks like a MLM scheme as well, so any type of
advertising is good for dodgy agents.......even just getting the name
outthere....


But does upgrading the firmware loose all customer settings? Is there no
facility for upgrading but restoring user configuration?

Paul DS.


  #5  
Old July 18th 05, 01:52 PM posted to uk.telecom.voip
Andrew Gabriel
external usenet poster
 
Posts: 227
Default Grandstream BT 101 phone hacked?

In article ,
"Paul D.Smith" writes:
But does upgrading the firmware loose all customer settings? Is there no
facility for upgrading but restoring user configuration?


Much to my surprise, upgrading (and then downgrading again)
my sipura spa-3000 didn't lose any settings.

--
Andrew Gabriel

  #6  
Old July 18th 05, 03:09 PM posted to uk.telecom.voip
Ian
external usenet poster
 
Posts: 289
Default Grandstream BT 101 phone hacked?


"Paul D.Smith" wrote in message
. net...
Ok, did you buy this set new? And when you programed it you set the tftp
server to 0.0.0.0 or an address on your network and changed the

password.
If not and you left the tftp server address in when it reboots it will

look
for the tftp server and update settings as nesesary.
To have "Hacked" it you would have needed port80 open and pointing at

the
phone..
I very much doubt its been hacked.

What is even odder is that europasstelecom dont seem to have launched a
service yet!!!! and it looks like a MLM scheme as well, so any type of
advertising is good for dodgy agents.......even just getting the name
outthere....


But does upgrading the firmware loose all customer settings? Is there no
facility for upgrading but restoring user configuration?

No. But settings can be part of the TFTP process, more info here
http://tanesha.net/Wiki/GratissipTftpd.html. Personly this is the first time
I have heard of a GS being "hacked" and as I mentioned its strange that the
company mentioned doesnt have a service just a MLM scheme of types running.

Ian


  #7  
Old July 19th 05, 01:54 AM posted to uk.telecom.voip
Tom
external usenet poster
 
Posts: 16
Default Grandstream BT 101 phone hacked?

Hi,

The software was upgraded automatically apparently. I bought the phone from
new, and originally went to a single page to put my settings. I am using
Sipgate, and also added a password. The phone is also in a DMZ, so not
protected by firewall.

When I then tried to use the phone later on, it wouldn't work, so I logged
on the web interface again, and saw a new interface (three tabs instead of a
single page, so the phone must have downloaded automatically an upgrade from
the manufacturer), and the provider details had changed. The phone wouldn't
connect anyway since I don't have an account with them.

I found all of this very strange. I changed the settings manually back to
Sipgate, and the phone is now working again...


"Ivor Jones" wrote in message
...
Tom wrote:
Hi,

I have a SIP phone (Grandstream BT 101), which I use with Sipgate.
However, yesterday, when I tried to use it, it wouldn't work. I
went to the settings page of the phone, and discovered that the
connection details had been changed. The provider was no longer
Sipgate but europasstelecom.com (many settings had been changed).

I wonder if this is a bug following a self-firmware update, or if
some company hacked the phone to change the provider...

Tom


Interesting, not come across that before. I'll make some enquiries..! Had
the firmware recently updated..?

Ivor




  #8  
Old July 19th 05, 11:45 AM posted to uk.telecom.voip
Lee
external usenet poster
 
Posts: 85
Default OT: Why downgrade spa-3000?


"Andrew Gabriel" wrote in message
.. .
In article ,
"Paul D.Smith" writes:
But does upgrading the firmware loose all customer settings? Is there no
facility for upgrading but restoring user configuration?


Much to my surprise, upgrading (and then downgrading again)
my sipura spa-3000 didn't lose any settings.


Out of interest - why did you downgrade?


  #9  
Old July 19th 05, 01:09 PM posted to uk.telecom.voip
Andrew Gabriel
external usenet poster
 
Posts: 227
Default OT: Why downgrade spa-3000?

In article ,
"Lee" writes:

"Andrew Gabriel" wrote in message
.. .
Much to my surprise, upgrading (and then downgrading again)
my sipura spa-3000 didn't lose any settings.


Out of interest - why did you downgrade?


The version 3 firmware introduced and fault whereby all the
syslog messages are missing the PRI header so they aren't
usable. In the version 2 firmware, most of the syslog messages
are more correctly formed (a few only are missing the PRI header
and unusable).

Also, the version 3 firmware didn't fix the TCP window handling
problem which was the main reason for trying the upgrade. This
prevents the browser interface working properly when the browser
system advertises a large TCP window (i.e. probably something
over 32k, but not window scaling), and it is running across a WAN
or sufficient routers such that more than 32k of data gets
buffered across the network. It looks to me like the spa-3000 is
perhaps tripping on some associated 16bit arithmetic which needs
to be 32 bit arithmetic, screwing up its TCP sequence calculations,
and gets stuck in a TCP restransmit loop. If you have control of
the TCP window advertised from the browser system, knocking it
down to 20k is a workaround.

--
Andrew Gabriel
  #10  
Old July 21st 05, 10:39 AM posted to uk.telecom.voip
Lee
external usenet poster
 
Posts: 85
Default OT: Why downgrade spa-3000?


"Andrew Gabriel" wrote in message
.. .
In article ,
"Lee" writes:

"Andrew Gabriel" wrote in message
.. .
Much to my surprise, upgrading (and then downgrading again)
my sipura spa-3000 didn't lose any settings.


Out of interest - why did you downgrade?


The version 3 firmware introduced and fault whereby all the
syslog messages are missing the PRI header so they aren't
usable. In the version 2 firmware, most of the syslog messages
are more correctly formed (a few only are missing the PRI header
and unusable).

Also, the version 3 firmware didn't fix the TCP window handling
problem which was the main reason for trying the upgrade. This
prevents the browser interface working properly when the browser
system advertises a large TCP window (i.e. probably something
over 32k, but not window scaling), and it is running across a WAN
or sufficient routers such that more than 32k of data gets
buffered across the network. It looks to me like the spa-3000 is
perhaps tripping on some associated 16bit arithmetic which needs
to be 32 bit arithmetic, screwing up its TCP sequence calculations,
and gets stuck in a TCP restransmit loop. If you have control of
the TCP window advertised from the browser system, knocking it
down to 20k is a workaround.


Not sure what all that means, but thanks! ;-)

I have an spa-3000 that appears to be working fine but thought I would
check.

Lee


 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
wpa wireless hacked ? Marky uk.telecom.broadband (UK broadband) 7 August 23rd 05 03:19 PM
Help with grandstream 486 qos settings al uk.telecom.voip (UK VOIP) 0 May 24th 05 02:40 PM
Micrsoft hacked ????? Marky uk.telecom.broadband (UK broadband) 5 May 8th 05 02:38 PM
Hacked In Half an Hour Gelf uk.telecom.broadband (UK broadband) 7 November 24th 04 11:00 AM
Has my router been hacked? uk.telecom.broadband (UK broadband) 12 September 26th 04 10:50 PM


All times are GMT +1. The time now is 06:59 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2020 BroadbanterBanter.
The comments are property of their posters.