Security Practices

[RLyon]

What are good security practices that one should implement to prevent the system from getting hacked? I am getting  Invalid Extension Dialed -SIP PEER: 'P9001, SIP device: 1000, number: 94981235854

[Tech Electronics]

RLyon,

That is a loaded question that covers a lot of topics, but for this use case you could set the SIP Peer Phone Group P9001 to use a Static Binding instead of a username and password; remember you have to reset the phone system to get a static binding to take effect. This would also require that the SIP x1000 be set to a static IP Address as well.

Thanks,

TE

[RLyon]

Thank you for that tip. I did change that. I also watched Mitels Toll Fraud video. I changed the VM password. Was looking for the trunk to trunk dialing but can not find it. They are still getting in and making multiple 911 calls. I took the phones out of service in the mean time till I find a solution.

[Dogbreath]

Are you letting SIP in from the internet?

[acejavelin]

Assuming you need port 5060 open from the public Internet for trunking (otherwise, close it!), use a complex password... We use a 16 character random password like "FjSQmW7hLj8dz!dv" (randomly generated by Roboform) and that usually is sufficient since there is no MAC address restrictions in the 250.