Technical Discussion
  >> VoIP (e.g. BT Digital Voice, Sky Internet Calls, etc.)


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | [2] | 3 | 4 | (show all)   Print Thread
Standard User ferretuk
(committed) Mon 30-Jan-23 08:47:28
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: shaunhw] [link to this post]
 
In reply to a post by shaunhw:
I've recently changed ISPs and am now with Aquiss FFTP and 8 ips, and was using the Grandstream on an IP of it's own, as AA seem to want people to do
I use A&A VOIP and I have had 4 VOIP devices registered and working (including a couple of HT801s) behind a NAT router with no port forwarding at all.

Aquiss FTTP BQM | AAISP VOIP | Ubiquiti UDM Pro | 2x Unifi AC-Lite & 1x AC-LR Wifi AP
Standard User shaunhw
(experienced) Mon 30-Jan-23 11:05:26
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: jchamier] [link to this post]
 
I take your points... But the Grandstream does appear to have some options for wan side configuration access, including white and blacklisted IPs... So I'll look at those at some point.
If they could log in using default admin/admin credentials, can the not read the password out??

No, all you can see is an empty blank field for entering a new password, with a comment:
"(purposely not displayed for security protection)" at the right side. of it.

Edited by shaunhw (Mon 30-Jan-23 11:26:03)

Standard User shaunhw
(experienced) Mon 30-Jan-23 11:19:44
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: ferretuk] [link to this post]
 
In reply to a post by ferretuk:
In reply to a post by shaunhw:
I've recently changed ISPs and am now with Aquiss FFTP and 8 ips, and was using the Grandstream on an IP of it's own, as AA seem to want people to do
I use A&A VOIP and I have had 4 VOIP devices registered and working (including a couple of HT801s) behind a NAT router with no port forwarding at all.


Yes I'm going to take everyones advice and stick the thing back under the main NAT IP address range, rather than a DMZ translated address of another public IP. I'm still mystified how they got the SIP password (since changed) out of the device. My guess is that it must be in the config file with some poor encryption.

It's my fault for not realizing that the thing could be easily accessed from outside, and not setting a decent password on it. I should really know better!

Thanks again for the UK config list, it made it much easier for me to completely recover from this.

Edited by shaunhw (Mon 30-Jan-23 11:21:48)


Register (or login) on our website and you will not see this ad.

Standard User jchamier
(eat-sleep-adslguide) Mon 30-Jan-23 11:28:10
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: shaunhw] [link to this post]
 
In reply to a post by shaunhw:
I take your points... But the Grandstream does appear to have some options for wan side configuration access, including white and blacklisted IPs... So I'll look at those at some point.
Good idea, I just don't trust devices themselves to protect themselves, always look at something else like a home router. smile

23 years of broadband connectivity since 1999 trial - Live BQM
Standard User kitcat
(fountain of knowledge) Mon 30-Jan-23 13:29:04
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: shaunhw] [link to this post]
 
shaunhw

You may find that the original password is the same on every box! It could also be a set sequence so they are all different but are findable just by trying the series. The culprit was not interested in your box specifically just a box they could hack for free calls. So they may have tried thousands of password / IP combinations.

This is why the major suppliers VIOP offerings are all locked down to be much more secure. This prevents them from having to continually be crediting customers accounts for calls they haven't made.
Standard User shaunhw
(experienced) Tue 31-Jan-23 08:45:20
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: kitcat] [link to this post]
 
In reply to a post by kitcat:
shaunhw

You may find that the original password is the same on every box! It could also be a set sequence so they are all different but are findable just by trying the series. The culprit was not interested in your box specifically just a box they could hack for free calls. So they may have tried thousands of password / IP combinations.


I'm not sure. I'm actually concerned about how they got the Voip SIP password out once they did get in there.

This SIP password is the one I generated for my account on the A&A portal by simply pressing a button on the webpage. Here, the user has to use whatever text is generated for the password - the user cannot choose their own text. But they can generate a new string anytime. The act of generating it, automatically applies it to the SIP server for their account and they then have to update thier client box, as I did when I set mine up. To use my SIP account on some other device, the hackers must have somehow remotely got that A&A SIP password back out from my HT 801 hardware device.

Edit:
The device used by the hackers was reported by A&A as being this:
PolycomVVX-VVX_410-UA/5.2.2.1522
I wonder if this might accept the same config file which they could have downloaded from my device?
It's a long shot as my own config file saved some time ago, didn't even work when I tried it after resetting my device.
End Edit.

I do of course accept that they got in there due to me stupidly not changing the default password for the HT801 config access. After they got in, they locked me out, requiring a full reset and start over.

Edited by shaunhw (Tue 31-Jan-23 09:10:35)

Standard User Ancient_Mariner
(eat-sleep-adslguide) Tue 31-Jan-23 10:08:51
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: shaunhw] [link to this post]
 
I have been using A&A VoIP for almost 12 months now. Prior to having them take over my BT number, I took out a VoIP account on a random number to "play with" for a few months to see if all would be ok; which it was.

Regarding the SIP password, yes you can get the portal to generate one, but you can also input your own into the portal, which I have done.

I have a fixed IP and have limited the access accordingly.

This works. A week or so back I took my ATA to a friends house and forgetting this, found that I could not make calls. When I arrived back home there was an email from A&A advising of this and giving the IP address that had attempted the call blush

Cheers!

Clive

Andrews & Arnold Home::1 FTTC DrayTek Vigor 2762ac Cisco ATA191 for A&A VoIP together with a HUAWEI E5776 with O2 Data SIM
Standard User Pheasant
(knowledge is power) Thu 02-Feb-23 00:45:18
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: shaunhw] [link to this post]
 
In reply to a post by shaunhw:
The device used by the hackers was reported by A&A as being this:
PolycomVVX-VVX_410-UA/5.2.2.1522
I wonder if this might accept the same config file which they could have downloaded from my device?
It's a long shot as my own config file saved some time ago, didn't even work when I tried it after resetting my device.
End Edit.

I do of course accept that they got in there due to me stupidly not changing the default password for the HT801 config access. After they got in, they locked me out, requiring a full reset and start over.

The 2 schoolboy VoIP howlers you made were exposing the box to the open internet and secondly not changing the default password. Hackers paradise for free calls!

The device used by them was merely the device used to henceforth login to your A&A SIP account to make calls. It’s just the device-ID returned as part of the SIP registration. Nothing to do with config. files.

Let me assure you if they figured out how to hack your box they didn’t need a “cookie cutter” guide to help them figure out how to setup their own sip endpoint 😀

Have a little read:

https://www.secforce.com/blog/exploiting-grandstream...
Standard User TimF2
(newbie) Sun 16-Apr-23 10:31:43
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: Pheasant] [link to this post]
 
I wonder if anyone can help me please?

I have an active A&A voip account with registered number, a Grandstream HT802, Plusnet Fibre (Hub 2) and some Panasonic Kx-tg8321e 'phones.

Having tried for 5/6 hours now it is proving a problem to get them all to play nicely!

I have followed the guide here: https://support.aa.net.uk/VoIP_Phones_-_Grandstream_... and also the posts above but am still running into problems.

At first I was unable to register the HT802 in the A&A GUI - it just said no registered devices and the Grandstream GUI STATUS page confirmed the same on the FX port.

I then had some limited success by applying a STUN in Grandstream GUI. It then showed the HT802 in the A&A account as registered and also in the Grandstream STATUS page.

This was also confirmed by the blue lights (x3) lit on the HT802. However, if I try and make or receive a call I get no ring tone and it just cuts off.

Any further altering of settings in the Grandstream GUI causes the FX port to become unregistered and the blue FX light goes OFF.

I have checked on the Plusnet router and SIP ALG is disabled.

Would really appreciate some help if anyone is able!

Tia

Edited by TimF2 (Sun 16-Apr-23 10:33:07)

Standard User Pheasant
(knowledge is power) Sun 16-Apr-23 17:45:36
Print Post

Re: A&A VOIP settings for Grandstream ATA


[re: TimF2] [link to this post]
 
Can you register, make and receive calls normally if you use a soft phone client in lieu of the ATA?
Pages in this thread: 1 | [2] | 3 | 4 | (show all)   Print Thread

Jump to