The IP phone contains key information about the IP addresses of the Cisco CallManager, network gateway, TFTP server, and DNS servers. Obtaining this information allows a hacker to map out the location of key network resources.



Only Cisco's flagship phones, the 7940, 7960, and 7970, support configuration file authentication. The 7920 wireless handset does not support this feature.



You can find all the security settings for an IP phone under the Phone Configuration window in the Cisco CallManager administration utility.



To access the built-in web server of an IP phone, simply access the URL http://IP-Phone's-IP-address. There are no security options; you will be directed to a page giving all the information about the IP phone's network settings.



Gratuitous ARP attackers always operate from the local network. This is necessary due to the nature of ARP packets.



Even with authentication and encryption features enabled, SCCP maintains its signaling role. There are no currently known attacks against Skinny signaling, so there was no reason to secure it further.



An IP phone can provide all the preceding information with the exception of the intranet server address.



Cisco CallManager does not allow you to disable the PC port of the 7912 IP Phone. Filling the PC port of the phone with glue (or some similarly drastic step), or downgrading to the 7905 IP Phone is the best step for now.



Secure Sockets Layer (SSL) was the predecessor to Transport Layer Security (TLS). SSL was primarily applied to HTTPS connections, whereas TLS became more universally used.



Since Cisco CallManager 3.3(3), the signed firmware validation feature is already enabled. This prevents hackers from constructing their own, rogue firmware images for the Cisco IP Phones.

Part I: Cisco CallManager Fundamentals

Introduction to Cisco Unified Communications and Cisco Unified CallManager

Cisco Unified CallManager Clustering and Deployment Options

Cisco Unified CallManager Installation and Upgrades

Part II: IPT Devices and Users

Cisco IP Phones and Other User Devices

Configuring Cisco Unified CallManager to Support IP Phones

Cisco IP Telephony Users

Cisco Bulk Administration Tool

Part III: IPT Network Integration and Route Plan

Cisco Catalyst Switches

Configuring Cisco Gateways and Trunks

Cisco Unified CallManager Route Plan Basics

Cisco Unified CallManager Advanced Route Plans

Configuring Hunt Groups and Call Coverage

Implementing Telephony Call Restrictions and Control

Implementing Multiple-Site Deployments

Part IV: VoIP Features

Media Resources

Configuring User Features, Part 1

Configuring User Features, Part 2

Configuring Cisco Unified CallManager Attendant Console

Configuring Cisco IP Manager Assistant

Part V: IPT Security

Securing the Windows Operating System

Securing Cisco Unified CallManager Administration

Preventing Toll Fraud

Hardening the IP Phone

Understanding Cryptographic Fundamentals

Understanding the Public Key Infrastructure

Understanding Cisco IP Telephony Authentication and Encryption Fundamentals

Configuring Cisco IP Telephony Authentication and Encryption

Part VI: IP Video

Introducing IP Video Telephony

Configuring Cisco VT Advantage

Part VII: IPT Management

Introducing Database Tools and Cisco Unified CallManager Serviceability

Monitoring Performance

Configuring Alarms and Traces

Configuring CAR

Using Additional Management and Monitoring Tools

Part VIII: Appendix

Appendix A. Answers to Review Questions


Authorized Self-Study Guide Cisco IP Telephony (CIPT)
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
ISBN: 158705261X
EAN: 2147483647
Year: 2004
Pages: 329

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net