H.323 Cisco Spam Calls
H.323 Cisco Spam Calls – How is this possible?
These spam calls are being initiated by a special tool illegally installed on cloud hosted servers, which has been automated to scan a random list of IP addresses on the H.323 VC protocol (i.e. targeting VC systems). These calls appear as though they are coming from real IP addresses, making them seem legitimate, and making it difficult for the VC system to identify and block them.
The four major VC vendors (Cisco, Polycom, Lifesize and Avaya) are aware of the issue and are investigating. As soon as we have any further information on the matter, we will be sure to update you.
In the interim, there are a few measures that can be taken to help protect your VC system:
- Deploy a Traversal server (Video Conference Firewall) on your network to protect your system
- Configure your firewall to block the source IP addesses (if known) – please see the attached list of known IP addresses to be blocked
- Disable the “Auto Answer” option on your system when you don’t need it.
- Enable “Do Not Disturb” (if it supported by your system) when you are not expecting any inbound call / additional participant joining a Multiway conference.
#Note: You might already have some of these measures in place. Please do contact us if you are unsure on any of the above.
Should you encounter any of these spam calls, please do not hesitate to contact us.
Here is a list of IP Addresses you can block on your firewall. Please be so kind to forward us any additional IP addresses that we can add to this list.