[cisco-voip] CUCM6 linux distro
Philip Walenta
pwalenta at wi.rr.com
Thu Aug 28 08:38:57 EDT 2008
The RHEL3 that Cisco uses is hardened. They also run CSA (Cisco security
agent) on the appliance. It's a very tough box to crack. I believe the
only things found to date have been various buffer/stack overflows when
targeting specific fields in SIP and SCCP.
In short it is a pretty darn secure system.
-----Original Message-----
From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of
A.L.M.Buxey at lboro.ac.uk
Sent: Thursday, August 28, 2008 3:36 AM
To: Voice Noob
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] CUCM6 linux distro
Hi,
> Database is informix. Distro is RHEL.
> Why does it matter what they are. It is an appliance and the give you
> the tools t
security would be the obvious answer. is the distro and packages up to date
- what services does it run, are they listening on any ports, is there a
firewall used to protect listening ports or are services carefully
configured to negate this.
are default or known username/passwords on the system..hardcoded
dbadmin/dbpass, for example. in 'ye olde days' when an applicance was coded
for its purpose..didnt matter as much. now, when appliances are based on
Linux, Windows (or OSX!) these things are of a major concern...you have a
fully operational system that, if compromised would/could give enhanced
access to the network and other systems..
but also then be subverted for free trunk calls to south asia or greenland
etc.
alan
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
More information about the cisco-voip
mailing list