Home
 » ISP News » 
Sponsored Links

Best to Avoid Doing IP PBX Style VoIP via BT’s Home Hub Routers

Friday, Mar 27th, 2015 (10:15 am) - Score 8,500

Customers of BT’s consumer broadband service should avoid using the ISPs Home Hub routers for business style VoIP phone setups because of a seemingly deliberate built-in weakness that, no matter what security settings you choose on the hub, it will always leave port 5060 open.

Admittedly we can’t think why anybody would want to use a consumer grade router like the HomeHub for operating an IP PBX style Voice-over-IP system, except perhaps as part of a techy experiment. Generally you’re better off getting a proper piece of business focused kit.

Advertisement

But never the less it appears as if a number of businesses have fallen foul of this security flaw (some of which were sent BT’s consumer Home Hub instead of the needed Business Hub) and in so doing have left themselves exposed to hackers who can break into connected VoIP systems.

The sorry tale is covered in much detail over at The Register, which reveals that no matter what you do (e.g. blocking all incoming ports, setting UPnP off, using 256bit passwords etc.) the standard port for VoIP (5060) will always remain open to any incoming connections and the hub will even do the NAT for you until it can find a working SIP device.

On the one hand this makes life easier for those trying to setup the BT VoIP service, while on the other it also makes it easier for hackers to smuggle attack traffic through the Hub in order to break into SIP accounts via brute-force.

BT’s Statement

BT has investigated similar issues and concluded that there is no fault with the way BT’s Consumer Home Hubs operate to allow VoIP calls over the internet.

It’s inappropriate to connect an IP PBX to the internet without taking additional steps to secure it.

If a customer does choose to set up their own IP PBX they must ensure that it is configured securely so they do not leave themselves exposed to potentially fraudulent behaviour.

The vast majority of BT customers would never use an IP PBX in this way, so there is very little risk that other customers would experience the same issue.

Strictly speaking this isn’t entirely the HomeHub’s fault, although other routers tend to show a lot more control over traffic, even on the VoIP ports, and the wider hacks could have been mitigated had BT’s Hub done the same.

Advertisement

But when a customer selects to block all incoming ports then you expect that to happen, you don’t expect all incoming ports – except 5060 – to be blocked and the fact that this isn’t communicated in any way to the end-user certainly doesn’t help. On the other hand you really should get a proper router for PBX and protect the system past the hub too.

Tags: , ,
Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £25.00
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £26.50 - 27.00
150Mbps
Gift: None
Sky Broadband UK ISP Logo
145Mbps
Gift: None
Large Availability | View All
New Forum Topics
By: The Wee Bear
By: AbsolutelyRidiculous
By: The Wee Bear
By: S0X
Cheapest ISPs for 100Mbps+
Brsk UK ISP Logo
Brsk £19.00
150Mbps
Gift: None
Gigaclear UK ISP Logo
Gigaclear £19.00
300Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £22.99
150Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (5916)
  2. BT (3618)
  3. Politics (2679)
  4. Business (2394)
  5. Openreach (2387)
  6. Building Digital UK (2312)
  7. Mobile Broadband (2099)
  8. FTTC (2074)
  9. Statistics (1871)
  10. 4G (1771)
  11. Virgin Media (1724)
  12. Ofcom Regulation (1554)
  13. Fibre Optic (1455)
  14. Wireless Internet (1445)
  15. FTTH (1384)
Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon