By default provisioning is active. This means, that EVERYONE knowing my MAC adress can captutre my SNOM phones.
Today a customer of showed me how it works. I just passed him my MAC adress and he completly reconfigures my Snom phones.All my settings were overwritten including my identities. And all this without any user-interaction or user notification only by knowing my MAC adress!!!
I'm working in the IT security for many years, but havent seen something linke this before. I see this as a major SECURITY ISSUE.
This is completly INACCEPTABLE. I'm expecting a detail statement from SNOM to this higly relevant security issue.
Dear k. Seybold
What do you mean with "knowing my MAC adress can captutre my SNOM phones."
Our phones support several ways for provisioning DHCP66, TR069, Redirect Server. Which option are you using?
If they are in a local network you should take care of who is accesing to it. Please explain a little bit more to clarify the situation you are describing
Also take a look into
You are able to disable provisioning options
I don't know the exact methode. He was using the crown.de configuration Interface.
The big security issue is, that provisioning is enabled by default. As a standard user you do not even imagin, that someone enables such a highly risky feature by default.
BTW: MAC security is NEVER NEVER NEVER a good way to protect IT components. There are plenty of papers showing that MAC security does not work! I have no problem if a administrator can activate provisioning at his own risk. BUT NOT BY DEFAULT !!!!
And for security reasons I want to how what data are transfered/exchanged during this "calling home sessions" . Please clarify.