I have just been conducted a small security review on our VoIP network. One of the issues I have found is that SNMP v2c is enabled and I know this to be a insecure protocol.
When I questioned our IT department they stated that the CUCM system does not respond to SNMP v2 commands and that SNMP agents are configured not to respond to update commands.
My understanding is that if a service is not being used it should be disabled completely. My concern is that if an attacker was able to get a foothold on our VoIP network, that they would be able to reconfigure the agents to accept SNMP commands and then use this to further attack the network. Is this possible at all and is the current solution to the problem a sufficient one? If not, what is the best way to deal with this problem if SNMP is not being used?
Are you getting this error “Installer User Interface Mode Not Supported. The installer cannot run in this UI mode. To specify the interface mode, use the -i command-line option, followed by the UI mode identifier. The value UI mode identifiers...
The below trick might come handy when you have to add a new node to a cluster but you don't have or is unsure of the security password for the publisher. This procedure has been around for ages.
1) Login into the CLI of the Publisher.