Security with ATA

[Marty.ba.calif.usa]

Are there any security concerns with having the Obihai device online?  Is there a way for someone to get to the IVR and use the callback or forwarding capabilities?  I just got mine, and I'll probably learn more soon, but I don't really want to leave it connected until I know it's somewhat secure.  I'm assuming that there must be a way for untrusted numbers to use it (password, I assume).  If so, which password should I change - admin?  Or is there a different one for phone access?

Also, is there a problem with phones ringing at night from hackers trying to get in?

[azrobert]

If you didn't setup the Auto Attendant (IVR) then you don't have to worry.
If AA is setup based on an inbound call's CallerID a hacker could spoof the CallerID and access the AA.
It's very unlikely a hacker would know what CallerID to use.
If you're uncomfortable with this you can assign a PIN to the AA to prevent unauthorized outbound calls.

Scanners (hackers) can only ring your phone if you use Port Forwarding in your router.
If you use Port Forwarding see this thread:
http://www.obitalk.com/forum/index.php?topic=4067.0

Reply 101 called the Oleg method is the best IMHO.
http://www.obitalk.com/forum/index.php?topic=4067.msg35778#msg35778

You could also change the port numbers on the OBi. Scanners usually send calls to ports 5060 or 5061.

Edit:
If you get telemarketing calls see:
http://www.obitalk.com/forum/index.php?topic=7413.0

[Marty.ba.calif.usa]

Thanks a lot for those tips.  I feel a little bit safer now. :-)

I get a lot of telemarketing calls - in fact, that's my primary reason to get this, so I can have more control over the phone.  But I don't think blocking by callerID will work, because they change them at will, and it's like trying to get rid of flies outside with a fly swatter.  Instead, I plan to use IVR to add a little simple interaction with incoming calls, like pressing one key to connect, another to leave voicemail, etc.  That way, robocallers will disconnect, and most telemarketers won't even hear the first part of the message anyway.  The others I can deal with - I'll just tell them not interested, please remove me.

[azrobert]

You can setup white list of friends and family in a User Defined DigitMap.
Anyone in the list will ring the phone directly.
Everybody else will be sent to the AA.

User Settings -> User Defined Digit Maps -> Pick one

Label: wht
DigitMap: (4801111111|4802222222|4803333333|6024444444)

or to save space
DigitMap: (480(1111111|2222222|3333333)|6024444444)

The above assumes country code is not included in CID.

Voice Services > SPn Service -> X_InboundCallRoute:
{(Mwht):ph},{aa}

Edit:
Are you sure you want to do this?
I get a lot of good automated calls, like appointment reminders.

[Marty.ba.calif.usa]

You can setup white list of friends and family in a User Defined DigitMap.
Anyone in the list will ring the phone directly.
Everybody else will be sent to the AA.

User Settings -> User Defined Digit Maps -> Pick one

Label: wht
DigitMap: (4801111111|4802222222|4803333333|6024444444)

or to save space
DigitMap: (480(1111111|2222222|3333333)|6024444444)

The above assumes country code is not included in CID.

Voice Services > SPn Service -> X_InboundCallRoute:
{(Mwht):ph},{aa}

Edit:
Are you sure you want to do this?
I get a lot of good automated calls, like appointment reminders.

I don't want to do that, exactly, but it would be a good idea if I could have something similar to bypass my call screening IVR.  But I guess that would need to be done at the VOIP site, not the Obi.

I haven't learned much about digimaps yet.  I get the idea, having worked with regular expressions when I was a programmer, plus I'm a Linux user.  One of these days, I'll get into them.