Announcement

Collapse
No announcement yet.

SIP Providor has asked me to open all UDP ports on my firewall

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SIP Providor has asked me to open all UDP ports on my firewall

    I would like to know the security risks of opening all UDP ports on my firewall, if any at all.

  • #2
    Re: SIP Providor has asked me to open all UDP ports on my firewall

    Errr why does they want that and what direction.
    Every port you opened might be a security risk.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: SIP Providor has asked me to open all UDP ports on my firewall

      UMMM... It sounds like they don't know what ports need to be opened or they're having problems getting things to work with the ports they're using now. When in doubt, open all ports, that'll fix it!

      Bad advice from them. My recommendation is to say no to them and tell them to go back to troubleshooting the problem, using reason and common sense.

      Comment


      • #4
        Re: SIP Providor has asked me to open all UDP ports on my firewall

        Before doing anything like that, would get them to send you the request in writting, signed by the owner of the SIP, on there letter head.
        That also Emailed from the Onwers email account.
        I would also request that if any damage is done to your server becuse of un-wanted access, that they will cover the cost while your business is down, the cost of damage of infomation taken, as well as loss of sales.

        Then I would give that to your boss/ceo/wife so that when your server explodeds from all the hackers laughing, you have something to cover your ass with.

        I believe there are times when you need to open the firewall, but you should never be told by a company to do it. There is as much a chance that its one person working there wanting you to open your server so he can steal all your ID and become you, as there is a company asked you to remove all secruity.

        To me, this is like a secruity company telling you to remove the doors to your building.

        Wofen
        Good to be back....

        Comment


        • #5
          Re: SIP Providor has asked me to open all UDP ports on my firewall

          They are asking my to open all UDP ports going into the router and point towards a linux system that we are using for our call manager.

          Comment


          • #6
            Re: SIP Providor has asked me to open all UDP ports on my firewall

            Originally posted by randywhite30 View Post
            They are asking my to open all UDP ports going into the router and point towards a linux system that we are using for our call manager.
            If your secruity guard told you not to lock the doors, that he would take care of it all (just the fat guy that sits behind the desk, not the company, not formal letter) would you?

            How do you know you are not being hacked? The easiest way to by-pass someone secruity is to get them to disable it themselfs.
            How do you know that peoson is not going to load a trogan on your server then use your server to host piles of illegal image/movie/software.

            If they need them open, then they should be willing to accept the responibilty, if not, tell them to fix there software and not ot make you, the paying customer, take all the risks for them to resolve a problem.

            I think you are insane if you are considering this without some documents saying that they forced you too, as this could lead you to 25 years to life in jail.

            Its your own life, and if you wanna spend it with bubba the black inmate, have fun.

            Wofen

            Edit: Is this Unix box a firewall? Becuse if they are asking you to disable your firewall and run though a 3rd party fire so that it can handle Voip ports and stuff like that, then you are not disabling your firewall, just moving it too a 3rd party server. I would still request legal documents, as the person in change IT is in change of content on the server. If that server is hosting illegal infomation, you will be held accountable, even if you can prove that you did not place it on the server, and did not know anything about it (At lest in most of the USA, Australia, Canada, England), if they can prove that you did not make all efforts to secure your server, and just not having a firewall is not a excuse.
            Last edited by Wofen; 13th October 2010, 06:36.
            Good to be back....

            Comment


            • #7
              Re: SIP Providor has asked me to open all UDP ports on my firewall

              What kind of SIP proxy / service do you use?
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment

              Working...
              X