The Net's Best Services, Programs, Software, and More!
Internet Security


Video Conferencing Hole Exposed

Malicious hackers are no longer limited to looking at private data - now they can also see their victims.

Even a relatively unskilled attacker can transform some video-conferencing systems into video-surveillance units, using the devices to snoop, record or publicly broadcast presumably private video conferences.

A half-dozen exploits have recently been discovered in the operating system of Polycom's popular ViewStation device.

Some of the issues have been addressed in a system upgrade released last week, but many users said they weren't advised they needed to upgrade their ViewStation's operating system and were unaware of the security problems.

Attackers can easily retrieve ViewStation administrator passwords, remotely take control of the device and record or monitor video conferences.

There are some very serious problems here. A hacker could very easily take administrative control over an entire conferencing system. One would need only a Web browser to point and click their way into the system.

The ViewStation has been vulnerable to denial-of-service attacks and other sorts of data-flood attacks that can destabilize the system and allow an attacker to gain control over it.

Navastream researchers discovered that ViewStation passwords are transmitted in "clear text," unencrypted and easily readable to anyone who is snooping on the system.

An attacker monitoring the connection with a network sniffer will be able to retrieve the password to gain access to remote management controls. And if they were to gain remote control, they could turn on the device and publicly broadcast over the Internet every meeting a corporation held in a room with a ViewStation.

Once a system is penetrated, an attacker could create a simple programming script that virtually anyone could use to access that system remotely.

*Upgrading the ViewStation's operating system would provide protection from many of these exploits. The upgrade has been released.

Affected units are Polycom ViewStation 128 Version 7.2 and earlier, Polycom ViewStation H.323 version 7.2 and earlier, Polycom ViewStation 512 version 7.2 and earlier, Polycom ViewStation MP version 7.2 and earlier, Polycom ViewStation DCP version 7.2 and earlier, Polycom ViewStation V.35 version 7.2 and earlier, and Polycom ViewStation FX/VS 4000 version 4.1.5 and earlier.

Some ViewStation users complained that Polycom didn't openly announce the security issues on their website or notify users, and said they didn't announce that the system upgrade was necessary to secure their devices.

In addition to keeping up with patches, placing video-conferencing devices behind a protective firewall is a good practice to follow.

You will find much more on this topic at WorldsLargestNetwork.com

  Home
  Partners
  $100000 Club
  Is Free.. Free?
  Free Games
  Custom Software
  Website Hosting

WorldsLargestNetwork.com








Is Free really Free?



Spyware Scanner will Scan Your PC for Malicious Spyware or Adware Free!

Home | Partner with the Best
Worlds Largest Network

Active © WorldsLargestNetwork.com; All Rights Reserved