Mitel Forums - The Unofficial Source
Mitel Forums => MiVoice Office 250/Mitel 5000 => Topic started by: mike@ciconi.co.uk on December 10, 2019, 09:39:58 AM
-
We have been Cyber Essentials tested, whilst we passed, the have recommended that we look into:-
"Linux kernel TCP sequence number generation security weakness"
This is on our Mitel 5000 IP address, we have VOIP with the following ports open
3998-4000 TCP
443 TCP
4000 TCP
4444 TCP
20001 UDP
50098-50508 UDP
44000 TCP
69 UDP
6004-6261 UDP
6800-6802 TCP
22 TCP
Have we got any not required, could this cause this, or this this just one of those things.
-
Mike,
There are a few of those that you don't want to open up to the Internet; which is where the attack is most likely to come from.
22
69
443
4000
4400
3998-4000
The remainder would need to be open to the Internet if you have Teleworker phones. If this is a concern you could always implement an MBG to sit inbetween the Internet and your MiVO-250.
Thanks,
TE
-
Do you have remote phones? Many of those ports are required for NAT'd remote phones, most of them in fact. 443 and 44000 are for remote administration, although we often change 443 to 8443.
The only one that seriously concerns me is port 22, it should only be forwarded if used with a source IP mask restriction for your vendor, and make sure your admin password is of sufficient complexity and length. 69 is not required and is a common port, I would close it and any remote phones will fail over to 20001. I can't for the life of me remember what 4444 is for though.
-
Thanks, yes we have in the past had remote phones, not currently but may again in the future, so ideally want to keep this available.