[ILUG] voip & alarm systems
Bryan O'Donoghue
typedef at eircom.net
Fri Mar 11 15:54:36 GMT 2005
Philip Trickett wrote:
> On Fri, 2005-03-11 at 12:28 +0000, John P. Looney wrote:
>
>> I'm at home, struggling with ISDN. If I threw it out, I'd get NTL
>>broadband at about half the cost. However, I need to have a PSTN
>>connection for my monitored alarm.
>
>
>
> Why don't you go down the 'self monitored' route?
>
> Once you have NTL broadband, get yourself a Linksys NSLU-2, have alook
> here:
> http://groups.yahoo.com/group/nslu2-linux/
>
> Then get yourself a couple of webcams, or 3, and download zoneminder:
> http://www.zoneminder.com/
>
> Use one of the NSLU-2's GPIOs to sense when your alarm has been
> activated, start monitoring on the webcams, and use zoneminder to send a
> message to your mobile via SMS that your alarm has been triggered.
> You can then connect using WAP on your phone to your NSLU-2 and view
> images from the webcam to see if it is a false alarm, and maybe hack up
> a bit of perl to use one of the other GPIO's on your NSLU-2 to turn your
> alarm off using a WAP page if you find it is a false alarm.
>
> I'd trust that alot more than Eircom! :)
>
> Phil
>
>
<OT: Abstract>
Do we know for sure the Phonewatch is a central station ?
Those things are _notoriously_ insecure, in that they let any joe soap
dial in and start sending in packets.... and (typically) another machine
polls the central station for information... plus there is no limit to
the number of packets that can just 'be' sent.
So if you think about it... you could D.O.S a central station with the
PSTN equivalent of flood pinging...
If an attacker had accuretly graphed the number of potential incomoing
lines a central station had... and tied them all up at once... you could
set off alarms wholesale... of course, the monitoring company would
probably realise they were being DOSed... then again... all things being
equal... maybe said company wouldn't.
<Anyway>
Nominally what you want to do, depends on the eventual Digital to Analog
conversion ie, the IP to PSTN conversion, done by your VoIP provider.
Their IP to PSTN gateway would have to support either the DTMF security
protocol or SIA security protocol (assuming that the Eircom server is a
classic (broken) Central Station), both of which have requirements
placed at the link layer... ie, the SIA, format is some sort of
permutation of V22 FSK... so it would be insufficient to simply have a
VoIP Gateway, dial the Eircom server... that Gateway would _also_ have
to be able to establish the right sort of negotiated handshake with the
eircom end.
Point 1: DTMF security and SIA[1] over PSTN are esoteric _enough_ and
it's doubtful that the IP2PSTN gateway from your VoIP provider has that
capability in it's chipset.
Point 2: I haven't investigated... but, it's quite possible Eircom is
running Eircom_PSTN_SECURITY_CARRIER protocol over the PSTN, instead of
something standard.
If not Point1+Point2 you're in business.
[1]SIA is actually not even freely available [2]
[2]You gotta love security through obfustication
More information about the ILUG
mailing list