03-13-2017 12:23 AM - edited 03-17-2019 09:47 AM
Hi,
Can also happen toll-fraud on CUCM as in CME ??
If yes, which is the best idea to protect from toll-fraud on CUM with E1-link ??
Any suggest?
Thanks in Advance,
GV
Solved! Go to Solution.
03-13-2017 02:42 AM
The CME toll-fraud mechanism is built-in CUCM since beginning. CUCM will drop calls from unknown sources which aren't defined as trunks or gateways (this can be changed using service parameters).
From this aspect CUCM is protected. However, some of the attackers will use the response message from CUCM (Internal Server Error 500) for reconnaissance such as CUCM supported messages, CUCM version, CUCM IP etc. This will require looking at other stuff such as authentication and encryption messaging.
03-13-2017 02:42 AM
The CME toll-fraud mechanism is built-in CUCM since beginning. CUCM will drop calls from unknown sources which aren't defined as trunks or gateways (this can be changed using service parameters).
From this aspect CUCM is protected. However, some of the attackers will use the response message from CUCM (Internal Server Error 500) for reconnaissance such as CUCM supported messages, CUCM version, CUCM IP etc. This will require looking at other stuff such as authentication and encryption messaging.
03-13-2017 03:51 AM
Here is an article about preventing toll fraud regarding CME
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/admin/configuration/manual/cmeadm/cmetoll.html
03-13-2017 08:16 AM
Hi
This could help you out
http://www.shanekillen.com/2013/03/how-to-prevent-toll-fraud-on.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide