Nortel IP Phone 1200 Series
Posted by Michael McNamara in AVAYA, Nortel, VoiceOverIP on January 26, 2010
We recently purchased two Avaya/Nortel 1220 IP phones for testing in our environment as a possible replacement to the manufacture discontinued i2002/i2004 IP phones. We’re evaluating whether we should purchase the 1120e/1140e or the 1220/1230 as our standard IP phone going forward. An obvious concern going forward is that the phone support the Session Initiation Protocol (SIP) so that it will be potentially capable of inter-operating with whatever soft switch or PBX we might have in the backend, be it the Avaya Aura or the legacy Avaya/Nortel Call Server 1000.
I should warn folks that the phone is sold with different SKUs depending if you want it running the UNIStim or SIP protocol. Upgrading the phone between the UNIStim and SIP firmwares is not supported by Avaya/Nortel. With that said I was successful in upgrading/converting a UNIStim SKU’d phone with the SIP firmware available from Avaya/Nortel’s Software Communication System (SCS). I did have some issues downgrading/converting the same set back to UNIStim, although I eventually found the workaround that was needed to trick the SIP firmware into believing I had newer firmware. I can share that with anyone that is interested or if anyone is stuck in a similar position.
The default configuration password is:
26567*738
Cheers!
Update: Monday February 22, 2010
It might be easier to remember the password as follows:
COLOR*SET
Kaspersky Antivirus – Google Adsense – Trojan
Posted by Michael McNamara in PersonalComputing on January 25, 2010
It was like deja vu, only a few months ago I wrote about an issue with Kaspersky Internet Security 2010 and Google Adsense. So you can imagine my surprise this morning when our Blue Coat ProxyAV appliances started sending out hundreds of alarms that URLs associated with Google Adsense were infected with a Trojan. After looking at the Javascript it was pretty clear that this was a false positive result.
2010-01-25 12:04:25-05:00EST
Hardware serial number: 3806111111
ProxyAV (Version 3.2.4.1(43261)) – http://www.BlueCoat.com/ Antivirus
Vendor: Kaspersky Labs Scan Engine Version: 8.0.1.23
Pattern File Version: 100125.095500.3363319 (Timestamp: 2010.01.25 09:55:00)
Machine name: ProxyAV-gosford
Machine IP address: 10.1.1.45
Server: 64.233.169.165
Client: 10.1.1.100
Protocol: ICAP
Virus/PUS: “Trojan.JS.Redirector.ar” found!
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
There was quite a thread over on the support forums at Kaspersky on the subject.
Cheers!
Avaya/Nortel Integrated Roadmap Keynote
Posted by Michael McNamara in AVAYA, Nortel on January 19, 2010
Well if you’re like a lot of us today you probably didn’t see much. I was unable to connect myself and know of three other people around the country that were also unable to connect.
Here’s the response from Avaya when I questioned them on it;
Were you aware that many Customers could not gain access to your presentation?
Please accept our apologies. Due to unprecedented demand, we experienced technical issues. The replay will be available today at 3:30pm ET, using the same link. You can also view the replay on-demand beginning 9:00am, Thursday, January 21, and will be available on demand for 6 months. It can be accessed using the same URL, user id and password that you received when you registered.
I’m in the process of trying to download the presentation and all the material. I’m hoping that I can sift through all the slides and marketing and get to the real meat, which I can then post here. In short the existing data product roadmap is getting adopted by Avaya – although I believe it’s fair to ask what is/was the data product roadmap? Let’s see it! It was obvious that the voice solutions were going to be the big issue. I heard/read that the CS1000 isn’t going anywhere anytime soon but I only heard about future support for the 1120e and 1140e IP phones, what about the millions of i2002/i2004 IP phones? I also did’t see much about the BCM/SRG other than a comment that it would continue to be manufactured into 2011.
If you’ve seen the keynote and had time to digest the information please go ahead and comment. I will update this post with additional thoughts and comments when I’ve had an opportunity to read through all the material. Hopefully I’ll be able to see the beginning of the keynote presentation today at 3:30PM.
Cheers!
Update: January 19, 2010 3:30PM
Looks like the presentation will now be available at 4:00PM as opposed to the previously announced 3:30PM.
Windows 2003 Server falls off network
Posted by Michael McNamara in PersonalComputing on January 14, 2010
It’s been a very interesting two days around the test lab we maintain in the organization I work. There was an issue reported to me yesterday about a server, just happened to be the primary (and only) DNS/DHCP server, that wasn’t communicating with the test lab network. A few coworkers had already been looking at the problem for a few hours before they gave me a call.
It was a Windows 2003 Service Pack 2 server running on an HP DL580. The server had link with the Nortel Ethernet Routing Switch 5510 and it had properly auto negotiated to 1.0 Gbps. The server had an ARP table (arp -a) with numerous entries in it. However, the server was unable to communicate or ping anything on the network, not the default gateway, not the other servers in the same VLAN, not the desktops in the same VLAN. A cursory review of the system logs on the server and switch didn’t reveal anything of interest. I didn’t believe it was the NIC, the patch cable, the switch port but we literally swapped everything including the server just taking the hard disks out of one box and throwing them into another. One of the engineers even went as far as deleting the NICs within Windows Device Manager and re-installing them after a reboot. Still the problem persisted. After looking at the problem for almost 60 minutes a small horde of folks had assembled all waiting for word on when the lab would be available so I decide to take the path of least resistance and asked the server team to re-image the server and I would rebuild the DHCP/DNS configuration and so the problem was solved.
Until I came into work today and was told of yet another server in the test lab acting identically to the server that we had re-imaged yesterday. I immediately became suspicious, was there some Trojan loose on the test lab network, was there some Microsoft Security patch gone awry, or was it something more sinister like McAfee’s ePolicy Orchestrator (ePO) or Symantec’s Altiris. Anti-Virus sweeps and RootKit checks all came back negative and by now we had yet another server that was experiencing the same exact issue. That meant we were up to 3 servers in 2 days, 1 of which had been restored by re-imaging and rebuilding the application configuration. Later in the afternoon one of our senior engineers took to the Microsoft Knowledgebase and Google in search of answers and after noticing an interesting event in the system log,
Description: The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer. For detailed troubleshooting information, review the events in the Security event log,
came across KB870910 on the Microsoft Support website. We issued the following command;
Click Start, click Run, type regsvr32 polstore.dll, and then click OK.
After a quick reboot we were back up and running again. We suspect that the local C: drive had filled up on the servers and had caused the policy store to become corrupt which was causing the IPSec service to enter ‘Block’ mode.
That was a great find Brian!
Cheers!
About Me
network architect and security professional, excited about helping folks make the most out of what technology as a whole has to offer.
POLL
Loading ...
RECENT COMMENTS