[cisco-voip] CUCM6 linux distro

Mark J markju at gmail.com
Thu Aug 28 09:10:14 EDT 2008 

Secure unless you have physical access to the device and you're able to make
your own root user account on the device...



2008/8/28 Philip Walenta <pwalenta at wi.rr.com>

> The RHEL3 that Cisco uses is hardened.  They also run CSA (Cisco security
> agent) on the appliance.  It's a very tough box to crack.  I believe the
> only things found to date have been various buffer/stack overflows when
> targeting specific fields in SIP and SCCP.
>
> In short it is a pretty darn secure system.
>
> -----Original Message-----
> From: cisco-voip-bounces at puck.nether.net
> [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of
> A.L.M.Buxey at lboro.ac.uk
> Sent: Thursday, August 28, 2008 3:36 AM
> To: Voice Noob
> Cc: cisco-voip at puck.nether.net
> Subject: Re: [cisco-voip] CUCM6 linux distro
>
> Hi,
> > Database is informix. Distro is RHEL.
> > Why does it matter what they are. It is an appliance and the give you
> > the tools t
>
> security would be the obvious answer.  is the distro and packages up to
> date
> - what services does it run, are they listening on any ports, is there a
> firewall used to protect listening ports or are services carefully
> configured to negate this.
> are default or known username/passwords on the system..hardcoded
> dbadmin/dbpass, for example.  in 'ye olde days' when an applicance was
> coded
> for its purpose..didnt matter as much. now, when appliances are based on
> Linux, Windows (or OSX!) these things are of a major concern...you have a
> fully operational system that, if compromised would/could give enhanced
> access to the network and other systems..
> but also then be subverted for free trunk calls to south asia or greenland
> etc.
>
> alan
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20080828/543bc1df/attachment.html>

More information about the cisco-voip mailing list