Preventing Registration or Login of Unauthorized Users

<< Click to Display Table of Contents >>

Navigation:  Configuration > Configuration Guide (Web Mode) > Configuring Toll Fraud Prevention >

Preventing Registration or Login of Unauthorized Users

Navigation: Configuration > Configuration Guide (Web Mode) > Configuring Toll Fraud Prevention >

hm_btn_navigate_prevhm_btn_navigate_tophm_btn_navigate_next

This section describes how to configure the IP whitelist, configure user password authentication, and change the self-help service password to prevent unauthorized users from registering with the unified gateway or using the default password to log in to the self-help service to modify data or make a call fraud.

Configuring User Password Authentication

It is recommended that password authentication, IP and passwrd authentication or IP Pool be configured when users are added. Password authentication prevents unauthorized users from using user names to register with the unified gateway.

public_sys-resources_notice_3.0-en-us

ϒ⁄To improve account security, You must configure authentication when registering SIP users.

ϒ⁄If no password is configured for a registered user or the password leaks, unauthorized users can make a call fraud through the registered user.

Figure 1 Create User

26Changing the Self-Help Service Password

To ensure password security, change the password periodically. For enterprise users, access the web self-help service system using the corresponding user name and password. After a successful login, click Change Password in the upper right corner to change the password.

public_sys-resources_notice_3.0-en-us

If the self-help service password is not changed or kept, unauthorized users may use this password to log in to the unified gateway to modify conference management and service registration data, for example, configure the unified gateway to forward all calls to a destination toll call number.

Defense Against Brute Force Registration

ϒ⁄After the user registration number fails authentication, the unified gateway records the failure time. When the user registers with the unified gateway again, the unified gateway determines the difference between the current system time and last failure time. If the difference is larger than the protection time, the registration process is used. Otherwise, the system displays a message indicating registration failure. The protection time can be configured by modifying the SIP parameter control point. You can run the config modify sip parameter regfailedcnt regfailedcnt regfreezeinterval regfreezeintervalcommand to configure the maximum registration attempts and protection time.

Parent Topic: Configuring Toll Fraud Prevention

 

 

< Previous topic Next topic >