What happens?
- You get continuous calls from random IP addresses on your Video Conferencing Unit.
What is happening?
You're being scanned by someone looking to make free phone calls. These guys are getting to be very bothersome, they're now trying on both UDP and TCP via H.323.
If your IP is set to Public then at some point everyone could get into this issue.
What can be done?
- Deploy Video Border Proxy (VBP)
but it is very expensive at least for me.
http://www.polycom.com.au/products-services/realpresence-platform/universal-access-security/vbp-e-series.html
You could try:
Configure firewall to block all incoming IPs except for those you specify or allow to dial incoming into your network.
You have a VBP, you may be able to adjust settings there to block the calls (like on a Cisco VCS you can create a CPL script that can stop calls)
I'm not aware of a way on the endpoints to prevent these calls, because this is using H323 TCP, it's very hard to prevent them without breaking H323.
Other ways:
- Put the device to 'DO NOT DISTURB' mode.
This might help as the hackers might think that you have a firewall system.
- Shutdown the system.
This might be helpful but hackers might still put you in their wishlist.
- Disconnect the LAN while device is not in use.
This might be helpful but hackers might still put you in their wishlist.
- You get continuous calls from random IP addresses on your Video Conferencing Unit.
What is happening?
You're being scanned by someone looking to make free phone calls. These guys are getting to be very bothersome, they're now trying on both UDP and TCP via H.323.
If your IP is set to Public then at some point everyone could get into this issue.
What can be done?
- Deploy Video Border Proxy (VBP)
but it is very expensive at least for me.
http://www.polycom.com.au/products-services/realpresence-platform/universal-access-security/vbp-e-series.html
You could try:
Configure firewall to block all incoming IPs except for those you specify or allow to dial incoming into your network.
You have a VBP, you may be able to adjust settings there to block the calls (like on a Cisco VCS you can create a CPL script that can stop calls)
I'm not aware of a way on the endpoints to prevent these calls, because this is using H323 TCP, it's very hard to prevent them without breaking H323.
Other ways:
- Put the device to 'DO NOT DISTURB' mode.
This might help as the hackers might think that you have a firewall system.
- Shutdown the system.
This might be helpful but hackers might still put you in their wishlist.
- Disconnect the LAN while device is not in use.
This might be helpful but hackers might still put you in their wishlist.
No comments:
Post a Comment