[Message Prev][Message Next][Thread Prev][Thread Next][Message Index][Thread Index]

Re: Need to cut through the BS on Alarm monitoring costs



"Bob La Londe" <none@xxxxxxxx> writes:

> "Russell Brill" <russwbrill@xxxxxxxxxxxxx> wrote in message
> news:0KKdnRtZV4M5oLbSnZ2dnUVZ_j-dnZ2d@xxxxxxxxxxxxxxxx
>>
>> "Bob La Londe" <none@xxxxxxxx> wrote in message
>> news:lbnWq.6376$%17.87@xxxxxxxxxxxxxxx
>>> "blueman" <NOSPAM@xxxxxxxxxx> wrote in message
>>> news:m2haza0y5j.fsf@xxxxxxxxxxxxxxxxxxxx
>>>> blueman <NOSPAM@xxxxxxxxxx> writes:
>>>>> Can you list any nationally available or local to Boston area companies
>>>>> that you have heard good things about...
>>>>
>>>> Just to clarify, I have a DMP XR200 system and I understand that not all
>>>> monitoring companies cover DMP
>>>
>>> Yeah, but DMP can send other formats than DMP format.  I thought
>>> you were an expert on it?  I've got a bunch of DMP panels out there
>>> sending contact ID because it works better for the particular
>>> application.
>> My thoughts also.......... My TROLL Detector has been activated and
>> is in "Alarm Condition".......... I KNOW DMP doesn't deal with
>> homeowners at all, this guy's BS is hard to swallow and smell......
>
> Well, I was wondering how he got a copy of the software, but stranger
> things have happened.  I have Ademco profiles for some of the big
> players.  They just showed up in my mail one day in an unmarked
> envelope with no return address, and an unreadable postmark.  Since I
> never used them I might not even still have them.  I threw a lot away
> when I moved the office a few years ago.

As I said, they gave it to me since I was helpful to them when they were
beginning to rollout Internet monitoring since none of the techs then
knew very much about computers or the Internet...

However, I was able to reverse-engineer the protocol even without
RemoteLink since the DMP ICOM protocol is not encrypted. It just
required a little listening using Wireshark to figure out the protocol
and see that even the remote key is transmitted in the clear...

Maybe one day I will post to this group all the *gaping* security holes
in the DMP internet protocol in general and in the setup of my alarm
company in particular that would allow anybody with even a rudimentary
knowledge of computer programming to cause all type of
havoc both to individual customers and to the alarm monitoring companies
that service them. The holes ae big enough to drive a truck
through. Sadly, even the most low-end e-commerce company uses
inifinitely better security on their websites than DMP uses in its
protocol. Kind of ironic given that we are supposedly talking "security"
companies...



alt.security.alarms Main Index | alt.security.alarms Thread Index | alt.security.alarms Home | Archives Home