[cisco-voip] SIP port open on CCME by default?
Kelemen Zoltan
keli at carocomp.ro
Wed Jan 16 04:41:26 EST 2008
Hi,
We have a few CCME installations
(Cisco IOS Software, 2800 Software (C2800NM-SPSERVICESK9-M), Version
12.4(11)T1, RELEASE SOFTWARE (fc5))
and we had some unpleasant surprise when we found one of them was
routing unknown calls as mad.
It *seems*, calls were entering through SIP, since the routers have
public IPs.
However, the router has no SIP related configuration whatsoever and SIP
wasn't ever intended to be used on it. To our surprise, however,
5060/tcp, the SIP port was open on the router, and another CCME I have
verified has it open as well (again, not configured for SIP)
Is this normal to have the SIP port open?
If so, is it possible to have unauthenticated calls injected into the
CCME this way?
And last but not the least, how can it be turned off? (ACLs and/or
firewalls can be used of course -- and we killed off the port like that
-- but I was thinking killing the service itself that keeps the port open)
I have tried using "no" form of a few sip commands but it doesn't help
and it doesn't appear in the config (thus I suppose they were off by
default, anyway)
thanks,
Zoltan
More information about the cisco-voip
mailing list