Security Audit

[limonic]

hi
my one customer wanted from me
'' Can you please ask your local maintenance vendor to complete a Nortel approved full security audit on the EMC Turkey PBX Phone system and voice mail system.
We need to identify any and all vulnerabilities.

Please let me know if they need a copy of the Nortel Security Audit template. They should have a copy of this or be able to obtain it themselves anyway. ''

can I find something like this.
please help.
thanks.

 

[GHTROUT]

This should lead you to the NTP on that topic:

http://support.nortel.com/go/main.jsp?cscat=DOCDETAIL&DocumentOID=827665&searched=ovly

~~~
[small]GHTROUT.com | Get the Input/Output Manuals | Tek-Tips FAQs | Recent Replies[/small]

 

[tnphoneman]

If it is powered on it is insecure. You can only make it as difficult as possible.

Some hints

NO DISA
Force Password changes on Mailboxes
PBX passwords changed from defaults

Those are the big glaring holes.

Signature===========================================

http://www.greatwhitetechnologies.com

Aastra Authorized Reseller

 

[GHTROUT]

To me, the biggest hole is voice mail's auto-attendant capability.

The next biggest hole is social engineering from the outside... "This is Mr. Big, transfer me to my associate in New York" ... "What!? you don't know who I am?!...while I could have you fired!"

Employee Response: "One moment and I'll transfer you"


~~~
[small]GHTROUT.com | Get the Input/Output Manuals | Tek-Tips FAQs | Recent Replies[/small]