|
|
Joined: Apr 2006
Posts: 9
Member
|
|
Member
Joined: Apr 2006
Posts: 9 |
The default community can easily be changed. That is like the system password. Like most systems, it is up to the installer if they wish to change default password and the like. It just depends how competative the market is, but msotly it is to much hassel than it is worth.
|
|
|
Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.
|
|
|
|
Joined: Jun 2006
Posts: 57
Member
|
|
Member
Joined: Jun 2006
Posts: 57 |
Originally posted by MacOSX:
If somebody has access to your communications room and phone system without you knowing about it, then the security lapse isn't in the phone system. Well, considering this is a K-12 school and the phone system sits in the back of the classroom, there is not much I can do about that.  Thanks again. Scott
|
|
|
|
|
Joined: Dec 2007
Posts: 2,033
Moderator-Toshiba
|
|
Moderator-Toshiba
Joined: Dec 2007
Posts: 2,033 |
There is plenty you can do about it.
1. Cover it (i.e. - frame a wall, or box around it) and put it under lock and key.
2. Change the "Community name" to something else (that's what all the Lowes stores do... not a single one of them is the default).
3. Change the IP address.
4. Change the password on the phones, so programming mode on the phones is restricted (because even with the IP and CN changed, you could still access programming via phones).
My point is not a "numbered list" of what to do, but that there are many steps that you yourself can take to make the communications environment more secure. Also, making the staff aware of security risks adds another layer of protection too. Let them know that no one should be near the phone system and to challenge anyone who may say they are working on the system.
Security should start with the people that operate in the work place everyday (i.e. Teachers, Administrators, etc. : in your case), having the knowledge of security risks and knowing they can alert you (or someone else) when they see a potential breech. It doesn't have to be ran like a military base... but just give someone the knowledge of what to look for and to be aware of what would normally be innocuous information and or actions and will be an asset to the many layers of security.
[/rant]
Sorry for the long winded response.
- Tony Ohio Data LLC Phone systems, data networks, firewalls and servers in Central Ohio. Some people aren't used to an environment where excellence is expected.
|
|
|
|
|
Joined: Jun 2006
Posts: 57
Member
|
|
Member
Joined: Jun 2006
Posts: 57 |
Thanks for the suggestions. I will probably do a bit of this. I hope to never have problems, but you never know. As far as: Security should start with the people that operate in the work place everyday (i.e. Teachers, Administrators, etc. : in your case), having the knowledge of security risks and knowing they can alert you (or someone else) when they see a potential breech. Most that are here could care not less I am sure. I have warned them not to give their passwords out to anyone or post them where they can be seen. I can open about 70% of the deskdrawers or look under the keyboard and get their password. I even had one teacher to give their password out to some students one year so that they could enter grades in her grade book. This gave the students the priveledge of the student records program. I am not their dad so I just give up. If they want to do things like that then I'll let them. When all of the student records disappear one day, then I will say I told you so and take a long time to restore a backup.  Sorry for the rant and thanks again for all the info and suggestions. Scott
|
|
|
|
|
Joined: Dec 2007
Posts: 2,033
Moderator-Toshiba
|
|
Moderator-Toshiba
Joined: Dec 2007
Posts: 2,033 |
Originally posted by Korak: Thanks for the suggestions. I will probably do a bit of this. I hope to never have problems, but you never know.
Most that are here could care not less I am sure. I have warned them not to give their passwords out to anyone or post them where they can be seen. I can open about 70% of the deskdrawers or look under the keyboard and get their password. I even had one teacher to give their password out to some students one year so that they could enter grades in her grade book. This gave the students the priveledge of the student records program. I am not their dad so I just give up. If they want to do things like that then I'll let them. When all of the student records disappear one day, then I will say I told you so and take a long time to restore a backup.
Sorry for the rant and thanks again for all the info and suggestions.
Scott I understand that they could not care less, but in the situation you're in it seems as though, you'd be held liable for some "mishap/network breech" (which is bound to happen, from the sounds of it). You must convince the higher ups that the employees have to take it as seriously as they do their own house door and or financial information. A teacher giving a student a password is completely and 100% UNACCEPTABLE, anywhere anytime! I would bet a nickel that if tomorrow it's discovered that a student changed grades, the Sys Admin is the one that takes the fall, regardless of whose account/password was used. Instituting a mandatory security briefing/training and mandatory password changes is more of a cover your own butt measure. Either way, it's up to you. I'm just trying to offer some experienced advice. [/(yet another) rant]
- Tony Ohio Data LLC Phone systems, data networks, firewalls and servers in Central Ohio. Some people aren't used to an environment where excellence is expected.
|
|
|
|
|
Joined: Apr 2009
Posts: 1
Member
|
|
Member
Joined: Apr 2009
Posts: 1 |
I am having a similar problem. I am using IE6. I am using eManager V5.10A05. I am aware that the username is case sensitive. The computer is on the same subnet and I can ping the phone system. I simply cannot login to emanager, which I am understanding means I have a software issue. I have IIS installed along with the management tools.
I have been trying to use the default username and password that I had when I received the system. I had to reinstall emanager and I am wondering if the username and password I had before is not the default. Can someone please PM me or email me the default username and password?
|
|
|
|
|
Joined: Dec 2007
Posts: 2,033
Moderator-Toshiba
|
|
Moderator-Toshiba
Joined: Dec 2007
Posts: 2,033 |
duanelenander , welcome to the board!
If you could start a new topic, instead of using an old post, that would be appreciated!
Thanks,
Tony
- Tony Ohio Data LLC Phone systems, data networks, firewalls and servers in Central Ohio. Some people aren't used to an environment where excellence is expected.
|
|
|
|
Forums84
Topics94,422
Posts639,464
Members49,818
| |
Most Online5,661
May 23rd, 2018
|
|
|
1 members (nortelvoip),
425
guests, and
505
robots. |
|
Key:
Admin,
Global Mod,
Mod
|
|
|
|
