Author Topic: MeetMe Conferencing Security Settings?  (Read 1407 times)

Offline dan231

  • Sr. Member
  • ****
  • Posts: 338
  • Country: us
  • Karma: +0/-0
    • View Profile
MeetMe Conferencing Security Settings?
« on: May 05, 2020, 03:36:00 PM »
I recently discovered that a conference call access code is (by default??) setup active for any extension.  SO my security questions are:

  • Can this be disabled so a passcode must be created by a user?
  • Can codes be set to auto expire so they don;t linger active forever?


Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4104
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: MeetMe Conferencing Security Settings?
« Reply #1 on: May 05, 2020, 03:59:47 PM »
I recently discovered that a conference call access code is (by default??) setup active for any extension.  SO my security questions are:

  • Can this be disabled so a passcode must be created by a user?
  • Can codes be set to auto expire so they don;t linger active forever?
No and no... Any USER will have a conference bridge, not any extension. Unfortunately, that is just the way it is.

Offline dan231

  • Sr. Member
  • ****
  • Posts: 338
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: MeetMe Conferencing Security Settings?
« Reply #2 on: May 05, 2020, 04:03:43 PM »
Are there security concerns to this at all?

Example:  voicemail with no pin, backdoor into system to make long distance calls, etc

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4104
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: MeetMe Conferencing Security Settings?
« Reply #3 on: May 05, 2020, 04:53:48 PM »
Are there security concerns to this at all?

Example:  voicemail with no pin, backdoor into system to make long distance calls, etc
Voicemails can be set with no PIN at the users option and cannot be disabled (they always have an option of no passcode)... This is a privacy concern, but not really a security concern as unlike most voicemail systems you cannot set a user attendant as an external number.

To my knowledge there is no way way to "hack" the system to make LD calls remotely without access to the programming tool and administrator access.

Offline dan231

  • Sr. Member
  • ****
  • Posts: 338
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: MeetMe Conferencing Security Settings?
« Reply #4 on: May 05, 2020, 04:55:14 PM »
thank you for this information

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4104
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: MeetMe Conferencing Security Settings?
« Reply #5 on: May 05, 2020, 05:03:25 PM »
Personally, I feel the conference bridge is a potential issue... Not security, but privacy (anyone knowing the code listen in at any time), but also conferences do not require an internal party, so there is a potential of fraudulent or criminal activity occurring on your conference bridge. I have setup a LOT of these and I have never had any issues arise, but it is something that sticks in the back of my mind as a very "odd" way for Mitel to set this up.


 

Sitemap 1 2 3 4 5 6 7 8 9 10