web statisticsweb stats

Business Phone Systems

Support Service-Disabled Veterans!
Discount software from Direct Deals
Previous Thread
Next Thread
Print Thread
Rate Thread
Page 2 of 4 1 2 3 4
Joined: Mar 2004
Posts: 20
Member
Member
Offline
Joined: Mar 2004
Posts: 20
Quoting Hal:
>People who own Avaya systems are supposed to have >a relationship with a dealer who would handle >such things a lost admin password and remote >administration. There would be no reason for the >customer to need the backdoor or even know one >existed. Dealers do not divulge such information >anyway.

Hmm, that's interesting, is there actually a legal clause in the sales contract that says, "In order to own or use this physical hardware & software, you MUST have a contract with a dealer for support and service"? Are there enforceable legal penalties against private acquistion and use of Avaya/Lucent phone systems? If not, your remarks are just wishful thinking.

----

>Enter the internet. Buyers think they are getting >a slick deal but there is no dealer that they can >turn to and tech support is almost non existant >or incompetant from gray market sellers. So not >only is there a desire to know by the end user >but now the information gets freely distributed >when it is learned.

-----
This is a fact of life called "change" (i.e. the Internet and its availability of all types of easily searchable information) and is no excuse for piss-poor security. Lucent/Avaya ought to have anticipated this a decade or more ago -- the Internet was sufficiently widespread even in 1995 for this development (distribution of backdoors) to have been expected.

>>So basically by buying off the internet you have >>screwed yourselves on the security issue.

That's not a fair remark. You're saying because *I* personally got a donated system from another end-user that I am responsible for the system's security problems? Silly. Think about it. How many people does it take to spoil the secret of the Partner VS backdoor? How many, Hal? One person.

Don't lump together the hundreds, probably thousands of other non-dealer system installers and end-user admins with the one (or few) people in YOUR industry who decided to divulge the passwords.

Again, the entire problem could have been avoided with even the slightest forethought by Avaya.

What stinks, generally, about Telecom providers is not your prices, per se, but the general attitude of condescension toward your end-users. The fact that your business depends on a small amount of private and arbitrary information (such as back door passwords) makes it understandable that you would resort to "Well it shouldn't be that way!" as an excuse for covering over poor security.

Avaya IP Office Help & Support Website
IP Office Help

Avaya IP Office Help & Support Website


FAQs, documentation, videos, updates, and support for the Avaya IP Office business phone system!
Everything you need to know about installing, upgrading, and troubleshooting IP 500v2 and IPO Server Edition systems.

Joined: Feb 2005
Posts: 12,347
Likes: 4
Member
***
Member
***
Offline
Joined: Feb 2005
Posts: 12,347
Likes: 4
Again, the entire problem could have been avoided with even the slightest forethought by Avaya.

Actually I'm sure it was given forethought. Avaya is in the business of selling product and making it easy to support the customers who buy it. What happens to old equipment after it has left the original owner is of little concern.

If this is such a big issue to you get a Partner Messaging r7.0. That password is not in general circulation.

Why is it that the people who pay little or nothing are always the ones to complain the loudest?

-Hal


CALIFORNIA PROPOSITION 65 WARNING: Some comments made by me are known to the State of California to cause irreversible brain damage and serious mental disorders leading to confinement.
Joined: Mar 2004
Posts: 253
Member
Member
Offline
Joined: Mar 2004
Posts: 253
sound like a computer guy. hey anachron rj11's fit in rj45's

Joined: Mar 2004
Posts: 20
Member
Member
Offline
Joined: Mar 2004
Posts: 20
As I said, this system is installed at a non-profit organization that can't afford to upgrade to Partner Messaging 7, period. And "the password is not in general circulation?" HELLO? How long would you guess before it will be?

There is simply no reason for all the dumb "oh don't post the password on the internet!" Please realize what an awfully stupid situation that is. There is no reason, at all, that the backdoor password for each unit cannot be easily tied to the SERIAL NUMBER of the unit (or the software license key, if it's software-only.)

As for "what happens when the equipment leaves the original owner," again, that's just another jab at organizations who don't happen to be able to afford brand-new Avaya equipment and support.
If I had purchased this system brand new for $5,000 from you, plus a support contract from here to infinity including afternoon tea served daily, I would still be pissed about this stupid backdoor.

I'll increase my offer to $250.00 for anyone who can give me instructions for securing my stock Partner Mail VS 4.1 in such a way that the standard backdoor is disabled, permanently. (No additional hardware allowed, and no dangerous flashing with custom non-factory firmware or anything of that type.)

Joined: Mar 2004
Posts: 20
Member
Member
Offline
Joined: Mar 2004
Posts: 20
As for RJ11's fitting in RJ45's, yeah, they do, but they also will damage the RJ45 very quickly if that's done more than a few times. Don't do it.

Joined: Sep 2005
Posts: 472
Member
Member
Offline
Joined: Sep 2005
Posts: 472
Three county fairs and a goat rope and I ain't heard nothin like that!!!!!!!!!!!!! :rofl:

Joined: Oct 2004
Posts: 684
Member
Member
Offline
Joined: Oct 2004
Posts: 684
anachron I feel for you and wish I could offer advise. I agree with your comments on the security, and you are correct with the RJ45-RJ11, they will damage the pins. Not sure at what point this board decided to stop posting passwords, but it has not been very long. So don't let the high and mighty attitudes some have here turn you off. On the other hand, you need to realize that by getting old equipment, you are subject to bugs and other issues that newer equipment resolves.

Joined: Jul 2001
Posts: 3,347
Likes: 10
Moderator-Avaya-Lucent, Antique Tele
*****
Moderator-Avaya-Lucent, Antique Tele
*****
Joined: Jul 2001
Posts: 3,347
Likes: 10
Ya know what? Except for the arrogance, anachron's right! The older Partner Mails could have their password reset, but you needed the serial number and you had to cycle the power to do it. You run into problems when the hard drive is replaced, but the serial number is not. Not likely that a "hacker" (and I prefer the old school definition of hacker, it's where I started) is going to pull that one off anomyously.

Now, I love being able to dial into a customer site, get into programming, find and fix a problem for them. But I would be willing to not have backdoor passwords if I could go on site and reset it there.

However, rocks are hard and water is wet. The p/w's are out there, so if you find it an unacceptable security risk, just don't use it.

Joined: Mar 2001
Posts: 7,350
RIP Admin
*****
RIP Admin
*****
Offline
Joined: Mar 2001
Posts: 7,350
The practice of not posting passwords on this board have been in place forever, as for the high and mighty we have always offered to dial in and reset VM's so I don't know where you got that from. I grant you passwords have been posted on the board but we try to catch and delete off the open board.


Russ runs a local service and private tech center.

[Linked Image from sundance-communications.com][/url]
Joined: Feb 2005
Posts: 12,347
Likes: 4
Member
***
Member
***
Offline
Joined: Feb 2005
Posts: 12,347
Likes: 4
That non-profit happens not to be able to afford what are I'm sure your quite expensive service rates.

You are arguing against yourself there. If there were no backdoor passwords we would have to pay a visit to the site and charge for a service call.

The reason we charge what we do is because WE don't want to become a non-profit. Geeze, then we couldn't afford a new voice messaging system. :toothy:

-Hal


CALIFORNIA PROPOSITION 65 WARNING: Some comments made by me are known to the State of California to cause irreversible brain damage and serious mental disorders leading to confinement.
Page 2 of 4 1 2 3 4

Link Copied to Clipboard
Newest Topics
OfficeServ 500
by phonman123 - 11/08/24 09:08 AM
OfficeServ 7200 enable 4 digit extensions
by Robert Stuart - 11/05/24 05:42 AM
OfficeServ 7200 v4.60b software?
by Robert Stuart - 11/04/24 05:38 PM
CTX 100 Can't Connect with eManager
by stwtech - 11/04/24 04:24 PM
Forum Statistics
Forums84
Topics94,428
Posts639,505
Members49,821
Most Online5,661
May 23rd, 2018
Newest Members
FooF, brianorbrain, AndyW251, Dean Badelek, PCCsup
49,820 Registered Users
Top Posters(30 Days)
Toner 9
pvj 8
R4+Z 4
Who's Online Now
3 members (Toner, justbill, Carl Navarro), 242 guests, and 34 robots.
Key: Admin, Global Mod, Mod
Contact Us | Sponsored by Atcom: One of the best VoIP Phone Canada Suppliers for your business telephone system!| Terms of Service

Sundance Communications is not affiliated with any of the above manufacturers. Sundance Phone System Forums - VOIP & Cloud Phone Help
©Copyright Sundance Communications 1998 - 2024
Powered by UBB.threads™ PHP Forum Software 8.0.0