I have a SIP phone (Grandstream BT 101), which I use with Sipgate. However,
yesterday, when I tried to use it, it wouldn't work. I went to the settings
page of the phone, and discovered that the connection details had been
changed. The provider was no longer Sipgate but europasstelecom.com (many
settings had been changed).
I wonder if this is a bug following a self-firmware update, or if some
company hacked the phone to change the provider...
Tom wrote:
> Hi,
>
> I have a SIP phone (Grandstream BT 101), which I use with Sipgate.
> However, yesterday, when I tried to use it, it wouldn't work. I
> went to the settings page of the phone, and discovered that the
> connection details had been changed. The provider was no longer
> Sipgate but europasstelecom.com (many settings had been changed).
>
> I wonder if this is a bug following a self-firmware update, or if
> some company hacked the phone to change the provider...
>
> Tom
Interesting, not come across that before. I'll make some enquiries..! Had
the firmware recently updated..?
Please let us know what you find out! Hacking SIP phones could be a whole
new area of hurt for comsumers!
Although this shouldn't be able to hurt you commerically, it would allow
someone to fish for all your friends numbers, and could even listen in on
your conversations.
"Tom" <Tom@nospam.com> wrote in message
news:Io6dnVmkZY9X3UbfRVnyuA@pipex.net...
> Hi,
>
> I have a SIP phone (Grandstream BT 101), which I use with Sipgate.
However,
> yesterday, when I tried to use it, it wouldn't work. I went to the
settings
> page of the phone, and discovered that the connection details had been
> changed. The provider was no longer Sipgate but europasstelecom.com (many
> settings had been changed).
>
> I wonder if this is a bug following a self-firmware update, or if some
> company hacked the phone to change the provider...
>
> Tom
>
Hi.
Ok, did you buy this set new? And when you programed it you set the tftp
server to 0.0.0.0 or an address on your network and changed the password.
If not and you left the tftp server address in when it reboots it will look
for the tftp server and update settings as nesesary.
To have "Hacked" it you would have needed port80 open and pointing at the
phone..
I very much doubt its been hacked.
What is even odder is that europasstelecom dont seem to have launched a
service yet!!!! and it looks like a MLM scheme as well, so any type of
advertising is good for dodgy agents.......even just getting the name
outthere....
> Ok, did you buy this set new? And when you programed it you set the tftp
> server to 0.0.0.0 or an address on your network and changed the password.
> If not and you left the tftp server address in when it reboots it will
look
> for the tftp server and update settings as nesesary.
> To have "Hacked" it you would have needed port80 open and pointing at the
> phone..
> I very much doubt its been hacked.
>
> What is even odder is that europasstelecom dont seem to have launched a
> service yet!!!! and it looks like a MLM scheme as well, so any type of
> advertising is good for dodgy agents.......even just getting the name
> outthere....
>
But does upgrading the firmware loose all customer settings? Is there no
facility for upgrading but restoring user configuration?
In article <42db928c$0$13702$ed9e5944@reading.news.pipex.net> ,
"Paul D.Smith" <paul_d_smith@x-hotmail.com> writes:
>But does upgrading the firmware loose all customer settings? Is there no
>facility for upgrading but restoring user configuration?
Much to my surprise, upgrading (and then downgrading again)
my sipura spa-3000 didn't lose any settings.
"Paul D.Smith" <paul_d_smith@x-hotmail.com> wrote in message
news:42db928c$0$13702$ed9e5944@reading.news.pipex. net...
> > Ok, did you buy this set new? And when you programed it you set the tftp
> > server to 0.0.0.0 or an address on your network and changed the
password.
> > If not and you left the tftp server address in when it reboots it will
> look
> > for the tftp server and update settings as nesesary.
> > To have "Hacked" it you would have needed port80 open and pointing at
the
> > phone..
> > I very much doubt its been hacked.
> >
> > What is even odder is that europasstelecom dont seem to have launched a
> > service yet!!!! and it looks like a MLM scheme as well, so any type of
> > advertising is good for dodgy agents.......even just getting the name
> > outthere....
> >
>
> But does upgrading the firmware loose all customer settings? Is there no
> facility for upgrading but restoring user configuration?
>
No. But settings can be part of the TFTP process, more info here http://tanesha.net/Wiki/GratissipTftpd.html. Personly this is the first time
I have heard of a GS being "hacked" and as I mentioned its strange that the
company mentioned doesnt have a service just a MLM scheme of types running.
The software was upgraded automatically apparently. I bought the phone from
new, and originally went to a single page to put my settings. I am using
Sipgate, and also added a password. The phone is also in a DMZ, so not
protected by firewall.
When I then tried to use the phone later on, it wouldn't work, so I logged
on the web interface again, and saw a new interface (three tabs instead of a
single page, so the phone must have downloaded automatically an upgrade from
the manufacturer), and the provider details had changed. The phone wouldn't
connect anyway since I don't have an account with them.
I found all of this very strange. I changed the settings manually back to
Sipgate, and the phone is now working again...
"Ivor Jones" <ivor@despammed.invalid> wrote in message
news:3k0vi6FrrkgnU1@individual.net...
> Tom wrote:
>> Hi,
>>
>> I have a SIP phone (Grandstream BT 101), which I use with Sipgate.
>> However, yesterday, when I tried to use it, it wouldn't work. I
>> went to the settings page of the phone, and discovered that the
>> connection details had been changed. The provider was no longer
>> Sipgate but europasstelecom.com (many settings had been changed).
>>
>> I wonder if this is a bug following a self-firmware update, or if
>> some company hacked the phone to change the provider...
>>
>> Tom
>
> Interesting, not come across that before. I'll make some enquiries..! Had
> the firmware recently updated..?
>
> Ivor
>
>
"Andrew Gabriel" <andrew@cucumber.demon.co.uk> wrote in message
news:42dba60a$0$38044$5a6aecb4@news.aaisp.net.uk.. .
> In article <42db928c$0$13702$ed9e5944@reading.news.pipex.net> ,
> "Paul D.Smith" <paul_d_smith@x-hotmail.com> writes:
>>But does upgrading the firmware loose all customer settings? Is there no
>>facility for upgrading but restoring user configuration?
>
> Much to my surprise, upgrading (and then downgrading again)
> my sipura spa-3000 didn't lose any settings.
>
In article <3k43teFs1m45U1@individual.net>,
"Lee" <me@privacy.net> writes:
>
> "Andrew Gabriel" <andrew@cucumber.demon.co.uk> wrote in message
> news:42dba60a$0$38044$5a6aecb4@news.aaisp.net.uk.. .
>> Much to my surprise, upgrading (and then downgrading again)
>> my sipura spa-3000 didn't lose any settings.
>
> Out of interest - why did you downgrade?
The version 3 firmware introduced and fault whereby all the
syslog messages are missing the PRI header so they aren't
usable. In the version 2 firmware, most of the syslog messages
are more correctly formed (a few only are missing the PRI header
and unusable).
Also, the version 3 firmware didn't fix the TCP window handling
problem which was the main reason for trying the upgrade. This
prevents the browser interface working properly when the browser
system advertises a large TCP window (i.e. probably something
over 32k, but not window scaling), and it is running across a WAN
or sufficient routers such that more than 32k of data gets
buffered across the network. It looks to me like the spa-3000 is
perhaps tripping on some associated 16bit arithmetic which needs
to be 32 bit arithmetic, screwing up its TCP sequence calculations,
and gets stuck in a TCP restransmit loop. If you have control of
the TCP window advertised from the browser system, knocking it
down to 20k is a workaround.
"Andrew Gabriel" <andrew@cucumber.demon.co.uk> wrote in message
news:42dced6e$0$38046$5a6aecb4@news.aaisp.net.uk.. .
> In article <3k43teFs1m45U1@individual.net>,
> "Lee" <me@privacy.net> writes:
>>
>> "Andrew Gabriel" <andrew@cucumber.demon.co.uk> wrote in message
>> news:42dba60a$0$38044$5a6aecb4@news.aaisp.net.uk.. .
>>> Much to my surprise, upgrading (and then downgrading again)
>>> my sipura spa-3000 didn't lose any settings.
>>
>> Out of interest - why did you downgrade?
>
> The version 3 firmware introduced and fault whereby all the
> syslog messages are missing the PRI header so they aren't
> usable. In the version 2 firmware, most of the syslog messages
> are more correctly formed (a few only are missing the PRI header
> and unusable).
>
> Also, the version 3 firmware didn't fix the TCP window handling
> problem which was the main reason for trying the upgrade. This
> prevents the browser interface working properly when the browser
> system advertises a large TCP window (i.e. probably something
> over 32k, but not window scaling), and it is running across a WAN
> or sufficient routers such that more than 32k of data gets
> buffered across the network. It looks to me like the spa-3000 is
> perhaps tripping on some associated 16bit arithmetic which needs
> to be 32 bit arithmetic, screwing up its TCP sequence calculations,
> and gets stuck in a TCP restransmit loop. If you have control of
> the TCP window advertised from the browser system, knocking it
> down to 20k is a workaround.
>
Not sure what all that means, but thanks! ;-)
I have an spa-3000 that appears to be working fine but thought I would
check.
Settings can be downloaded via TFTP as the GS supports auto-provisioning. My
guess is that you have set the tftp server entry unknowingly to europass's
server. They did have a service called Noodle, which went out of business
before it started.
The Knowledge
"Ian" <spam"AT"bathfordhill.co.uk> wrote in message
news:11dne1hpd2bq4e2@corp.supernews.com...
>
> "Paul D.Smith" <paul_d_smith@x-hotmail.com> wrote in message
> news:42db928c$0$13702$ed9e5944@reading.news.pipex. net...
> > > Ok, did you buy this set new? And when you programed it you set the
tftp
> > > server to 0.0.0.0 or an address on your network and changed the
> password.
> > > If not and you left the tftp server address in when it reboots it will
> > look
> > > for the tftp server and update settings as nesesary.
> > > To have "Hacked" it you would have needed port80 open and pointing at
> the
> > > phone..
> > > I very much doubt its been hacked.
> > >
> > > What is even odder is that europasstelecom dont seem to have launched
a
> > > service yet!!!! and it looks like a MLM scheme as well, so any type of
> > > advertising is good for dodgy agents.......even just getting the name
> > > outthere....
> > >
> >
> > But does upgrading the firmware loose all customer settings? Is there
no
> > facility for upgrading but restoring user configuration?
> >
> No. But settings can be part of the TFTP process, more info here
> http://tanesha.net/Wiki/GratissipTftpd.html. Personly this is the first
time
> I have heard of a GS being "hacked" and as I mentioned its strange that
the
> company mentioned doesnt have a service just a MLM scheme of types
running.
>
> Ian
>
>
Grandstream BT 101 phone hacked? 
Linear Mode
