While tweaking firewalls for premium VoIP (Voice over Internet Protocol) traffic allows easier remote access in a telework environment, it can also create a potential security hole putting the network at risk.

Security firm Assurance Pty Ltd.'s Assurance.com.au Director Neil Wise said hackers can access a network by locating the address of VoIP Web servers on Google Inc. or by scanning for commonalities in mail server protection lists.

"If users fail to change default settings, hackers can access a hole into the network by locating the VoIP Web server [on Google] and could find usernames and passwords in installation documentation from the vendor's Web site," Wise said.

"Many second-tier Australian telcos ship VoIP phones preconfigured. Installation wizards are designed to have minimal user input to make the technology attractive and to reduce support costs but this makes users vulnerable to a very real attack."

"Hackers could also use IP phones with packet-capture to record conversations, depending on the type of encryption used. For example SIP 1.0 [session initiated protocol] could be easily decoded, while SIP 2.0 is much harder."