Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1966
Views
0
Helpful
3
Replies

Toll Fraud VCS

Go to solution
pcromwell
Level 3
Level 3

‎06-12-2016 11:11 PM - edited ‎03-18-2019 12:46 PM

I have read the previous discussions around Toll fraud prevention and wanted to just clarify If my scenario is okay.

We are using the VCS-C and E for Video endpoint registrations and have also enabled MRA for Jabber clients to connect externally.

There is also a Trunk from CUCM to allow internal connections between CUCM registered devices and VCS endpoints.

The Video endpoints registered to the VCS, are allowed to make outgoing calls across this trunk, which will then route out to the PSTN gateway.

I have setup the VCS-C to only accept Registrations from the allow list.  Do I need to do anything on the VCS-C or E to stop toll fraud?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni

‎06-13-2016 07:44 AM

Toll fraud doesn't have anything to do with registrations on the VCS, it's simply the fact that your VCS-E can accept incoming calls from the public internet. You should disable UDP in the SIP settings on the VCS-E, it should be disabled by default, but in some cases it might still be enabled if your VCS was installed prior to the setting being disabled by default for new installs.

There are other methods these days where people are trying to use H323 to attempt toll fraud, but this is difficult to prevent as you can't simply turn off H323, you should simply keep an eye on the VCS-E search history for any strange incoming calls you don't regcognize, then create a CLP script that can block those calls. There are a lot of threads throughout the forums that are a good resource to understand and how to at least mitigate toll fraud.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni

‎06-13-2016 07:44 AM

Toll fraud doesn't have anything to do with registrations on the VCS, it's simply the fact that your VCS-E can accept incoming calls from the public internet. You should disable UDP in the SIP settings on the VCS-E, it should be disabled by default, but in some cases it might still be enabled if your VCS was installed prior to the setting being disabled by default for new installs.

There are other methods these days where people are trying to use H323 to attempt toll fraud, but this is difficult to prevent as you can't simply turn off H323, you should simply keep an eye on the VCS-E search history for any strange incoming calls you don't regcognize, then create a CLP script that can block those calls. There are a lot of threads throughout the forums that are a good resource to understand and how to at least mitigate toll fraud.

0 Helpful

Go to solution
pcromwell
Level 3
Level 3
In response to Patrick Sparkman

‎06-13-2016 08:23 AM

Thanks Patrick, I have UDP disabled. I guess I could also just make sure the trunk cannot make intl calls if the Video endpoints don't require it

0 Helpful

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni
In response to pcromwell

‎06-13-2016 08:26 AM

Having SIP UDP disabled will stop most of the toll fraud, as it's usually SIP based.  Those that come in via H323 can't simply be disabled or turned off by a setting, and would require CPL for example.

0 Helpful
Customers Also Viewed These Support Documents