Information gathering is one of the most powerful tools at a hacker's disposal. As you have seen, there is no lack of sensitive information to be had through enumeration. Fortunately, it's also a tool you can use to harden your network against many of the simple techniques outlined in this chapter. Here are some general tenets to follow when configuring the phones, servers, and networking equipment on your network:
Restrict access to as many administrative services as possible through firewall rules and switch VLAN segmentation.
Change default administrative passwords, community strings, and usernames (if applicable) to mitigate brute-force attacks.
Turn off as many services as possible to avoid extraneous information leakage.
Perform regular security sweeps using automated and manual scans.
Deploy VoIP-aware firewalls and intrusion prevention systems to detect many of the reconnaissance attacks outlined in this chapter.
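
One way to turn the "regular security sweeps" tenet into a repeatable check is to compare each scan of your own voice network against an approved-services baseline. The sketch below is an added example, not code from the original chapter: it reads nmap grepable (-oG) output and reports every open port that the baseline does not allow. The addresses, the baseline, the ADMIN_SERVICES list, and the sample scan are all constructed assumptions.

```python
# Added example: audit an nmap -oG sweep of your own voice VLAN against a baseline.
# Assumption: ports treated as administrative or leak-prone on phones and servers.
ADMIN_SERVICES = {(23, "tcp"), (80, "tcp"), (443, "tcp"), (161, "udp"), (69, "udp")}

# Assumption: per-host services the site has approved (hypothetical policy).
BASELINE = {
    "192.0.2.21": {(5060, "udp")},               # IP phone: SIP only
    "192.0.2.10": {(5060, "udp"), (69, "udp")},  # call server: SIP plus TFTP
}

# Constructed sample of grepable output (fields are tab-separated).
SAMPLE_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.21 ()\tPorts: 23/open/tcp//telnet///, 80/open/tcp//http///, "
    "5060/open/udp//sip///\n"
    "Host: 192.0.2.10 ()\tPorts: 69/open/udp//tftp///, 161/open/udp//snmp///, "
    "111/open/tcp//rpcbind///, 5060/open/udp//sip///, 22/closed/tcp//ssh///\n"
)

def parse_grepable(text):
    """Yield (host, port, proto, service) for each open port in -oG output."""
    for line in text.splitlines():
        fields = line.split("\t")
        if not fields[0].startswith("Host: "):
            continue  # comment lines and blanks
        host = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                port, state, proto, _owner, service = entry.split("/")[:5]
                if state == "open":
                    yield host, int(port), proto, service

def audit(text, baseline):
    """Return findings for open ports that the baseline does not approve."""
    findings = []
    for host, port, proto, service in parse_grepable(text):
        if (port, proto) in baseline.get(host, set()):
            continue
        kind = "admin-service" if (port, proto) in ADMIN_SERVICES else "unexpected-service"
        findings.append((host, port, proto, service, kind))
    return findings

if __name__ == "__main__":
    for host, port, proto, service, kind in audit(SAMPLE_SCAN, BASELINE):
        print(f"{host} {port}/{proto} ({service}): {kind}")
```

Each finding maps back to a tenet: disable the service if it is not needed, or confine it to the management VLAN with firewall rules.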