Follow

Cisco spam calls or unknown SIP calls

Cisco spam calls or unknown SIP calls

If the system is on public IP or reachable from the outside and not protected well enough. This makes it possible to initiate SIP calls over direct IP. Placing a codec on a public IP can allow calls from SIP scanners. These scanners (e.g. SipVicious) are used to detect possibilities for exploiting PSTN trunks.

Solution:
Upgrade to TC6.2.0 or later and execute the
following configurations:
xConfiguration SIP ListenPort: Off
xConfiguration SIP Profile 1 Outbound: On

Workaround
Make sure the system is well protected and that it is placed in DMZ if you need to have it on public IP. It is possible to only allow calls from the VCS by disabling the listenport on 5060/5061, but then SIP outbound needs to be enabled so that the VCS can reach the endpoint.
xConfiguration SIP ListenPort: Off
xConfiguration SIP Profile 1 Outbound:

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments