10-27-2015 11:38 PM - edited 03-18-2019 05:09 AM
I am receiving unknown incoming sip calls on TelePresence MX300 G2
10-28-2015 10:36 AM
Are they recieving H323 or SIP calls? Depending on which, there are two possible methods to help midigate these calls.
If H323, see Acevirgil's reply. You'll have to rely on your ogranizations firewall to determine who can access the endpoint, either setup using NAT or an ACL.
If SIP, you can turn off SIP on the endpoint.
If you have a call control server such as CUCM or VCS, it's hightly recommended to register the codecs to one of those, and close any open firewalls that go to the codecs.
10-28-2015 12:08 PM
Is your system deployed as stand alone without any registration to VCS or CUCM?
This issue usually encounterd when the video endpoint is configured with public IP address or in deployed in LAN with NAT configuration.
This is caused by an H.323 scanning tool that is part of a penetration testing product called “Metasploit,” which has basically got in to the wrong hands.
The aim of this malicious activity is to carry out “toll-fraud” by forcing the receiving video endpoint to make a dial out call to the PSTN/ISDN network, frequently to a premium rate phone number, which not only costs the victim potentially a large amount of money in call costs but also lines the pockets of the fraudsters who also own the premium rate service. The secondary aim of this activity from less “dangerous” parties is just simply to annoy.
Take a look at this link for some recommendations on how to mitigate this kind of toll-fraud.
https://www.vcwarehouse.com/kb_results.asp?ID=5
regards,
Acevirgil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide