1
edit
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
mNo edit summary |
(General expansion and details on vuln) |
||
|3.8.6
|
|}▼
|-
|7940G
|SIP41.8-5-4S
|Appears stable
|-
|7940G
|SIP41.9-4-2SR1-1S
|Phone runs sluggish, reboots randomly, not recommended
▲|}
{| class="wikitable"
|No
|}
'''* Important *'''
Whilst testing SIP41.8-5-4S it appears the phone/firmware is vulnerable to a SIP/UDP amplification attack where crafted SIP 'INVITE' packets sent on UDP 5600 cause the phone to respond to it's upstream SIP gateway with multiple SIP 2.0 '404' packets. Measured at a rate of approximately 20 packets/second, whilst not a major cause for concern with a single phone could potentially cause service issues where several phones are in use.
This vulnerability is protected against by correct firewall protection/filtering limiting inbound UDP on SIP port 5600 to the phone to be exclusively from
the parent SIP service (e.g. voiceless.aa.net.uk - see the VoIP security/firewall section). '''It is not recommended to leave these phones connected to the internet without any protection.'''
==Configuration:==
|
edit