Hackers are are always looking to exploit networks with little or no firewall protection, and IP phone systems are no exception.
The hackers use malicious software to trawl the internet to find unprotected phone systems. The software then tries various code combinations to find a way out through the system onto the Public Switched Telephone Network (PSTN). If it achieves this, the hacker can make free phone calls at other people's expense. Alternatively, the software could repeatedly dial an 0898 number and run up massive charges that end up in the hackers bank account.
A system that has been installed with the right protection will not be exposed to this type of abuse. The first line of defence against this is to configure rules into your firewall so that your network only accepts packets on TCP ports 50 and 60 from trusted IP addresses. Secondly, the phone system needs to be configured to prevent unauthorised outbound calls.
One symptom of an attack is that extensions on your phone system start to ring as the software tries various code combinations. When you lift the receiver, you get silence.
This only affects IP phone systems that connect to the outside world via the internet. If you only use ISDN, you are not exposed.
To have your firewall checked by experts, contact Lynx Networks.
Alan Bullen
Lynx Networks
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment