SIP GW Compromised

Unanswered Question
Mar 28th, 2010
User Badges:

Hi, I have been asked to look into a customer issue where his SIP GW is compromised, people from the internet make calls through the SIP GW which is then routed via the PSTN. I know that I can implement some security measure by configuring ACLs and only allowing the SIP PROXY address to be allowed through but what other security measures are needed?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
hadisharifi Wed, 03/31/2010 - 16:56
User Badges:

Hi, After checking their network it's obvious they don't have any security policy implemented, they use 2801 ISR doing everything from routing to security and VOIP for them but they have no security rules configured. I simply applied some ACLS blocking connectivity to SIP and H323 from the net.


This Discussion