Avoiding VoIP hacks
Attitudes to network device security are, if possible, even more various than attitudes to the new services delivered by networking technology.
I’m going to push my luck and stray even further away from networking proper, by pointing out that the real-world problem I have in mind here is an “attitudes to attitudes” problem.
The best way I can explain what I mean here is by being rude (and I don’t mean Roger’s Profanisaurus rude) and adopting that downtrodden, disempowered, negative whine so common in business service departments, where the outlook towards anyone and everyone who walks through the door seems to be “what’s your problem then?” Those of you who are in excellent mental health may well take exception to the fact that I’m being negative about people who are being negative here.
Attitude is the difficulty – the simple the device, the more secretive its fixers become
What I’m trying to get at is a basic truth, underlying those cruel stereotypes that people come out with when they’re trying to lift themselves up by doing others down. Like “oh well, that may be okay for you sloppy PC types, but us old-school CCNE graduates prefer a clean network”, or “I’ve not learned anything from a manual for the past ten years – I find they’re more often wrong than right”, which are two recent examples that have left me speechless during the past couple of months.
Let’s cut to the chase. The rude judgement I wish to make is a consequence of my last Business Clinic at Paxton Access (see issue 204) – a firm whose user base is large and diverse, stretching all the way from heavy-hitting architects who specify the systems for skyscrapers, right across to, as someone put it to me, “window-washers with screwdrivers”.
I’m sure that everyone knows a big-hearted Natural Philosopher type who chooses to work as a window cleaner, and conversely a mean-spirited jobsworth who happens to design skyscrapers, but I’d have to say that as networks become the essential infrastructure for many services that were previously delivered by old-fashioned electricity rather than digital bits, I’ve been bumping into more and more curmudgeons.
Attitude is the difficulty, and if you’ll forgive my broad generalisation, I tend to find that while the guys who deal with complex networks are only too happy to share the truth about what lies inside their boxes, the simpler the device, the more secretive its fixers become.
Eventually, one reaches a job level at which the skill of wiring a mains plug is represented as lying somewhere between voodoo and nuclear-waste recycling. Let’s illustrate why this attitude gap should concern you, by starting from a nice comprehensible bit of kit.
Today, you can go out and buy a Netgear GS110TP, which is an eight-port copper switch with a generous pair of Gigabit fibre uplink ports included. Prices vary from £160 to £220, and it’s being sold as a connection aggregator for Power-over-Ethernet VoIP phones, and the smaller type of premises’ wireless repeater, which employs Power-over-Ethernet to push a Wi-Fi signal out to where mains power delivery would be awkward. It’s the sort of thing you might find being used in a farm with outbuildings, or a goods yard with a security booth at the gate.
To judge from its spec sheet, this little box is fairly smart. It has to provide power only to connected devices that want it, and it has to support the concept of dividing the uplink connection between radically different patterns of traffic, so it uses VLAN tagging. All of this has to be configured, so it comes with a little micro-website inside the box, which surfaces all the controls for an appropriately privileged administrator to mess about with.