Penetration Testing mailing list archives
Re: VoIP Call manager configuration Review
From: Dave Howe <David.Howe () ansgroup co uk>
Date: Wed, 06 Feb 2008 23:39:38 +0000
sisram2 () gmail com wrote:
Hi Folks,
I am doing the Cisco call manager configuration review for the first time.
Can some provide me with the lead, as to what all I need to check ?
From what I can recall, normally the CCM (hard) nodes are vlanned off from the live network and often locked by MAC - software VoIP phones obviously being the exception. I don't have a standard test doc for it though.
There are skinny and sip sniffers that might be worth trying. Getting to where you can see the traffic (given the aformentioned MAC locks) can be problematic though.
See http://www.voipsa.org/Resources/tools.php for some useful stuff.
Further, is there a way to download the configuration file from the call manager so that i can review it locally on my PC ?
Sure. you can use the backup facility on the web interface to back up the entire config (along with the contents of the tftp) to any sftp server. If you check with the server admins, they may be doing this anyhow for DR purposes.
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- VoIP Call manager configuration Review sisram2 (Feb 06)
- Re: VoIP Call manager configuration Review Dave Howe (Feb 07)
- RE: VoIP Call manager configuration Review Thor (Hammer of God) (Feb 07)