Re: Phone Switches + telephone banking etc

From: Dave Booth (dboothat_private)
Date: Fri Jun 07 2002 - 12:09:41 PDT

  • Next message: hellNbak: "Re: Phone Switches + telephone banking etc"

    Vachon, Scott wrote:
    > In a past occupation, I worked with phone switches. Most have a bare minimum
    > OS that runs on them but, for full functionality they are used with a
    > separate host (or hosts).
    
    Indeed, and that has been the source of a major burr in my hide. In 
    various jobs I've more than once encountered the scenario where the 
    separate host is an out-of-the-box install of the OS, unpatched, every 
    service in the book running and with the telephony app thrown in there 
    with a default install just before its shipped to the customer site 
    along with a support and maintenance contract. This app, of course, 
    usually remains something of a black box even when glared at with 
    extreme prejudice by an experienced sysadmin. When that same sysadmin 
    starts tallking about locking down some unnecessary services or even 
    (horrors!) reimposing the default setup of most *nix variants that 
    prevent root logins anywhere but the physical console the immediate 
    response is usually "Change our default config and you void your 
    maintenance contract - install any other software and we will no longer 
    support the app. No, our remote support techs must be able to make a 
    root login over the dialup line or we wont support the system at all..."
    
    Needless to say, most businesses balk at the thought of having their 
    phone system unsupported if it goes down and so the system remains wide 
    open. One vendor who I wont trouble to name even went so far as to 
    forbid the installation of backup client software but at the same time 
    handed the root password to anyone who asked for it "so that they could 
    run the commands that control the switch connection" Thankfully the 
    disaster waiting to happen there didnt occur on my watch and I wasnt put 
    in the position of having to find a diplomatic way to tell my employer 
    that I'd told them so...
    
    -- 
    Dave Booth, CWT-IT
    dboothat_private
    +---------------------------------------------------+
    | Catapultam habeo. Nisi pecuniam omnem mihi dabis, |
    | ad caput tuum saxum immane mittam.                |
    +---------------------------------------------------+
    



    This archive was generated by hypermail 2b30 : Fri Jun 07 2002 - 15:48:06 PDT