09-27-2017 04:18 AM - edited 03-17-2019 11:15 AM
Dear Team,
We need to secure Cisco IPT setup, Please advise to security for
-cisco cucm 11.x
-cisco unity 11.x
-cisco Presence 11.x
-cisco auto attendant
- Sip voice gateway from call hacking
Thanks
09-27-2017 04:23 AM
09-27-2017 05:10 AM
A quick one can be to put a CSS on a SIP trunk for incoming calls to only allow calls to onnet partitions, so as not to allow offnet>>ofnet calls.
do the same on your VCS trunk if you have it, because VCS;s are even more prone to attacks
09-27-2017 06:05 AM
Hello,
Take look here, there is a lot of information:
Regards
Leonardo Santana
09-27-2017 12:01 PM
In addition to the suggestions mentioned by others, make sure that your SIP gateway only allows connections from trusted IPs (generally this would be your CUCM servers, and your ITSP's IPs.
This is done by the following commands:
voice service voip
ip address trusted list
ipv4 172.30.X.X
ipv4 99.30.X.X
Also make sure that the Calling Search Space that your Unity voice mail ports use don't have access to the PSTN. Doing so prevents an attacker from accessing a user's weak voicemail PIN to access their voicemail box, and then changing their transfer rules to forward all calls do that number to an internatioinal number. Unity *might* need access to the PSTN depending on your setup, but it's rare and usually not needed.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: