indie_dev wrote:Sorry for the confusion everyone. It is a long post and I got the config naming convention incorrect. But thats the extent of it.
The sheet I got with the Telo indicated that 2B was the best option for QOS of the telephone traffic. That is the option that (a) poses a risk as described (b) will completely kill any advanced config that you have going on in your modem/router and thus you delegate all those tasks from your more capable modem/router to the vastly incapable Ooma device.
Wait. Is this the part where the local denizens try to attack the new guy? If that is the case, let me share some facts with you.caseybea wrote:It's so cool when people set up up networking improperly, and then get all freaked out when they've accidentally exposed something. While you probably have a fair understanding of your home network's setup, you're missing understanding the setup of the ooma device vs the LAN port vs the DMZ and what is, or is not, exposed.
Phrased more simply, I'm sorry to say that you messed up. If set up properly, the web interface for the ooma device is NOT accessible outside of your home network. This is regardless of whether or not the ooma is in front of or behind the router.
There are several posts in this forum that describe how to set up the web interface and yet not expose it to the outside.
1. I'm not a n00b. So yes, I do this stuff for a living - and for much longer than most have had hot dinners.
2. My test experience is EXACTLY as I indicated or I wouldn't have posted about it. I ran the test several times.
3. If I wanted to make waves, I'd have created a post about it on my dev blog (which gets more traffic than this forum at any moment in time). But no, I simply wanted to make those smart enough to take their security/privacy seriously, be aware of the security risk. YMMV.
So please, refrain from making unqualified statements and go run the test yourself. You do NOT need a complex setup as mine. In fact, I sent this post to a friend of mine at Secunia and his first comment was that the fact that the OoMa interface had no password is the first sign of a security breach.
I don't care really, so go ahead and do what you want.
I am sorry, but no one is attacking you, in fact anyone that is on the offense is you. The fact that you insist that your in the biz is also a bit disconcerting.
Option 2B is behind your router, there is NO way anyone can see your LAN UNLESS if you monkey with the advance configuration of YOUR router, in which case your on your own. How can you blame Ooma for security changes you made to your router supposedly allows your LAN exposed to the public?