Hard Phones

Cisco, Avaya, and Polycom hard phones are probably the most popular phones in enterprise networks. Regardless of vendor, though, any type of hard phone comes with security issues. For example, an attacker can compromise the phone's configuration file or simply upload a malicious one. Fortunately, username and password information is usually not stored in the hard phone's configuration file, so the impact an attacker can have if the file is compromised is somewhat mitigated. Instead, the risks of a hard phone's vulnerabilities are general enumeration attacks and Denial of Service (DoS) attacks. The following sections will discuss these VoIP hard phone vulnerabilities:

  • Compromising the phone's configuration file

  • Uploading a malicious configuration ...

Get Hacking VoIP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.