<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2963" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>I believe all you really need are all the partitions the
phones are in and if you are sending any calls to IPCC, you need the partitions
the CTI route points and CTI ports are in. In addition, if you are using CTI
route points as phantom numbers for forwarding, etc. And any partition that
contains translations. </FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>The best would be to review each of your partitions and decide
if Unity has to call it. I don't think there are any hard and fast rules of what
it needs, etc. Previous versions of CallManager (3.x and below, I believe) that
used call forwarding would need access to the partition the voicemail ports are
in as well. That was definitely a hard and fast rule.</FONT></DIV>
<DIV> </DIV>
<DIV>--------------------------------------------------------------------------------<BR>Lelio
Fulgenzi, B.A.<BR>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario
N1G 2W1<BR>(519) 824-4120 x56354 (519) 767-1060 FAX
(JNHN)<BR>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
<BR>"I can eat fifty eggs." "Nobody can eat fifty eggs."</DIV>
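<DIV>Added example, not part of the original message and not output from any Cisco tool: one way to carry out the partition review described above, by listing the partitions in the voicemail CSS whose content is not on the reply's needed list and checking which dialed numbers stay reachable once they are removed. The partition names, patterns, test numbers and the simplified wildcard handling are all assumptions made for illustration.</DIV>
<PRE>
```python
import re

# Constructed sample data: partition name mapped to (content kind, patterns).
# Names and patterns are hypothetical, not taken from the thread.
PARTITIONS = {
    "PT_PHONES": ("phone DNs", ["2XXX", "3XXX"]),
    "PT_CTI": ("CTI route points", ["5100", "52XX"]),
    "PT_XLATE": ("translations", ["0"]),
    "PT_LOCAL": ("PSTN route pattern", ["9.[2-9]XXXXXX"]),
    "PT_INTL": ("PSTN route pattern", ["9.011!"]),
}

# Content kinds the reply names as needed by the voicemail CSS
# (CTI route points and ports only if calls are sent to IPCC).
NEEDED_KINDS = {"phone DNs", "CTI route points", "translations"}


def to_regex(pattern):
    """Simplified wildcard translation (an assumption, not the full syntax):
    X = one digit, ! = one or more digits, '.' is dropped, [..] passes through."""
    out = []
    for ch in pattern:
        if ch == "X":
            out.append(r"\d")
        elif ch == "!":
            out.append(r"\d+")
        elif ch != ".":
            out.append(ch)
    return re.compile("".join(out))


def reachable(css, dialed):
    """Return every (partition, pattern) in the CSS that matches the digits."""
    hits = []
    for name in css:
        for pattern in PARTITIONS[name][1]:
            if to_regex(pattern).fullmatch(dialed):
                hits.append((name, pattern))
    return hits


def review_list(css):
    """Partitions in the CSS whose content is not on the needed list."""
    return [name for name in css if PARTITIONS[name][0] not in NEEDED_KINDS]


SPURIOUS_CSS = ["PT_PHONES", "PT_CTI", "PT_XLATE", "PT_LOCAL", "PT_INTL"]
TRIMMED_CSS = [p for p in SPURIOUS_CSS if p not in review_list(SPURIOUS_CSS)]

if __name__ == "__main__":
    intl = "90114412345678"  # constructed international-format test number
    print("review:", review_list(SPURIOUS_CSS))
    print("before:", reachable(SPURIOUS_CSS, intl))
    print("after: ", reachable(TRIMMED_CSS, intl))
```
</PRE>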
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=Nick.Kassel@charles-stanley.co.uk
href="mailto:Nick.Kassel@charles-stanley.co.uk">Nick Kassel</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=erickbe@yahoo.com
href="mailto:erickbe@yahoo.com">Erick Bergquist</A> ; <A title=it@cimgroup.com
href="mailto:it@cimgroup.com">IT</A> ; <A title=Scott.Voll@wesd.org
href="mailto:Scott.Voll@wesd.org">Voll, Scott</A> ; <A
title=puckcisco@cumhur.com
href="mailto:puckcisco@cumhur.com">puckcisco@cumhur.com</A> ; <A
title=cisco-voip@puck.nether.net
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Thursday, September 14, 2006 4:29
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [cisco-voip] vulnerable
gateway?</DIV>
<DIV><BR></DIV>What partitions does the Voicemail CSS need to access, we
appear to have<BR>spurious partitions added to this CSS and I'm not sure they
need to be<BR>there?<BR><BR>-----Original Message-----<BR>From: <A
href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</A><BR>[mailto:cisco-voip-bounces@puck.nether.net]
On Behalf Of Erick Bergquist<BR>Sent: Wednesday, September 13, 2006 4:03
AM<BR>To: IT; Voll, Scott; <A
href="mailto:puckcisco@cumhur.com">puckcisco@cumhur.com</A>; <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>Subject:
Re: [cisco-voip] vulnerable gateway?<BR><BR>You can limit this with the
restriction tables in Unity and ultimately<BR>with the CSS set on the Call
Manager VM Port configuration. <BR><BR>----- Original Message ----<BR>From: IT
&lt;<A href="mailto:it@cimgroup.com">it@cimgroup.com</A>&gt;<BR>To: "Voll,
Scott" &lt;<A href="mailto:Scott.Voll@wesd.org">Scott.Voll@wesd.org</A>&gt;;
IT &lt;<A href="mailto:it@cimgroup.com">it@cimgroup.com</A>&gt;;<BR><A
href="mailto:puckcisco@cumhur.com">puckcisco@cumhur.com</A>; <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>Sent:
Tuesday, September 12, 2006 5:42:04 PM<BR>Subject: Re: [cisco-voip] vulnerable
gateway?<BR><BR>But where in Unity is someone able to route their call to any
arbitrary<BR>phone number?<BR><BR>-----Original Message-----<BR>From: Voll,
Scott [mailto:Scott.Voll@wesd.org] <BR>Sent: Tuesday, September 12, 2006 3:37
PM<BR>To: IT; <A href="mailto:puckcisco@cumhur.com">puckcisco@cumhur.com</A>;
<A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>Subject:
RE: [cisco-voip] vulnerable gateway?<BR><BR>I would agree with TAC per your
CDR of CiscoUM-VI1.<BR><BR>Scott<BR><BR>-----Original Message-----<BR>From: <A
href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</A><BR>[mailto:cisco-voip-bounces@puck.nether.net]
On Behalf Of IT<BR>Sent: Tuesday, September 12, 2006 3:29 PM<BR>To: <A
href="mailto:puckcisco@cumhur.com">puckcisco@cumhur.com</A>; IT; <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>Subject:
Re: [cisco-voip] vulnerable gateway?<BR><BR>Actually, I tried both UDP and
TCP.<BR>Would it still show up under a portscan? TAC seems to think they came
in<BR>through voicemail...<BR><BR>-----Original Message-----<BR>From: cumbur
[mailto:zeus@cumhur.com] On Behalf Of <A
href="mailto:puckcisco@cumhur.com">puckcisco@cumhur.com</A><BR>Sent: Tuesday,
September 12, 2006 3:19 PM<BR>To: IT; <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>Subject:
RE: [cisco-voip] vulnerable gateway?<BR><BR>Dear Avidan,<BR><BR>H.323 uses TCP
port 1720 (not UDP) for call initiation. Also, don't forget to<BR>block
SIP ports TCP/UDP 5060.<BR><BR>Regards.<BR>Cumhur<BR><BR>-----Original
Message-----<BR>From: <A
href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</A><BR>[mailto:cisco-voip-bounces@puck.nether.net]
On Behalf Of IT<BR>Sent: Wednesday, September 13, 2006 12:59 AM<BR>To: <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>Subject:
[cisco-voip] vulnerable gateway?<BR><BR>I just got a call from my long
distance provider that someone has been<BR>using my PRI for many international
calls. I checked my CDR database<BR>tables, and it appears that calls have been
coming from one of my branch<BR>office 2801's. But, in the CDR table, the
origDeviceName alternates<BR>between the name of the gateway and
CiscoUM-VI1.<BR>I ran a port scan against the router, and found that H.323 and
callbook<BR>ports were open to the public. I shut down the interface that had
those<BR>ports open, because when I tried to do an "access-list 100 deny udp
any<BR>any eq 1720" it still shows as open on the portscan.<BR><BR>How can I
secure/lock H.323 on these branch devices?<BR>How did someone utilize my
gateway to make these calls?<BR>How can I avoid this in the future?<BR><BR>I
guess I should have made sure that the consulting group that set up<BR>these
gateways in the first place locked them down, but hindsight
is<BR>20/20.<BR><BR>Thanks,<BR>Avidan<BR><BR>_______________________________________________<BR>cisco-voip
mailing list<BR><A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR><A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR></BLOCKQUOTE></BODY></HTML>