Enterprises have been warned to avoid IP telephony for staff engaged in teleworking.

While tweaking firewalls for premium VoIP traffic allows easier remote access in a telework environment, it can also create a potential security hole putting the network at risk.

Security firm Assurance.com.au director, Neil Wise, said hackers can access a network by locating the address of VoIP Web servers on Google or by scanning for commonalities in mail server protection lists.

"If users fail to change default settings, hackers can access a hole into the network by locating the VoIP Web server [on Google] and could find usernames and passwords in installation documentation from the vendor's Web site," Wise said.

"Many second-tier Australian telcos ship VoIP phones preconfigured. Installation wizards are designed to have minimal user input to make the technology attractive and to reduce support costs but this makes users vulnerable to a very real attack."

"Hackers could also use IP phones with packet-capture to record conversations, depending on the type of encryption used. For example SIP 1.0 [session initiated protocol] could be easily decoded, while SIP 2.0 is much harder."

Telsyte director, Warren Chaisatien, said hackers can leverage the vulnerability to access other Web applications such as online banking.

"While hackers could gain access to networks and steal user accounts to make phone calls, they would cause the most damage in gaining online banking details by monitoring keystrokes," Chaisatien said.

"VoIP phones are subject to these network vulnerabilities because they are an IP application. Users need to realize this and must be very careful and use the same precautions they would for online banking."

User who leave default answering messages are similarly vulnerable, according to Tipping Point director of security research, David Endler, because it allows hackers to identify the phones' make and model.

"Vendors' default voicemail answering messages are unique, so calling the system and listening to the message can tell hackers what brand IP phone system is being used and they can tailor their reconnaissance and attacks accordingly," Endler said.

"Firewall scans reveal open ports and tools can map likely protocols; however, VoIP-aware firewalls close these ports so they are only open when they need to carry calls."

Both Wise and Endler said the solution is to disable VoIP Web servers, change default usernames, passwords and voicemail greetings.