Preventing Registration or Login of Unauthorized Users
This section describes how to configure the IP whitelist, configure user password authentication, and change the self-help service password. These measures prevent unauthorized users from registering with the PBX, or from using the default password to log in to the self-help service, in order to modify data or commit call fraud.
Configuring the IP Whitelist
After the IP addresses of IP phones are added to the whitelist, phones at those addresses can register with the PBX. For details, see Configuring the Whitelist.
Configuring User Password Authentication
It is recommended that password authentication be configured when users are added. Password authentication prevents unauthorized users from using user names to register with the PBX. For details, see Configuring a SIP User.
If no password is configured for a registered user, or if the password leaks, unauthorized users can commit call fraud through that registered user.
Changing the Self-Help Service Password
- For enterprise users, access the web self-help service system using the corresponding user name and password. After a successful login, click Change Password in the upper right corner to change the password.
- For the administrator, run the web-password cipher command in the user view to change the password.
If the self-help service password is not changed or is not properly kept, unauthorized users may use this password to log in to the PBX and modify conference management and service registration data, for example, configure the PBX to forward all calls to a destination toll call number.
Defense Against Brute Force Registration
When a registration attempt for a user number fails authentication, the PBX records the failure time. When the user registers with the PBX again, the PBX calculates the difference between the current system time and the last failure time. If the difference is larger than the protection time, the registration is processed normally. Otherwise, the system displays a message indicating registration failure. The protection time after registration failure can be set through control point 205. For details, see pbx number-parameter.
The default value of control point 205 is 10. The value of control point 205 ranges from 0 to 300, in seconds. It is recommended that you adjust the protection time to a proper value. If the protection time is too short, unauthorized users may repeatedly initiate registration to the PBX with different passwords, and the user passwords may eventually be cracked.
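The following Python model is an added example, not PBX code. It reproduces the protection-time check described above so that candidate values of control point 205 can be compared by how many password checks per number they allow in a day. It assumes that the failure time is tracked per user number and that an attempt refused inside the protection window does not restart the window; the user numbers 8001 and 8002 are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class RegistrationGuard:
    """Model of the protection time after registration failure (control point 205)."""
    protection_time: int = 10                          # seconds; default 10, range 0-300
    last_failure: dict = field(default_factory=dict)   # user number -> last failure time

    def __post_init__(self):
        if not 0 <= self.protection_time <= 300:
            raise ValueError("control point 205 ranges from 0 to 300 seconds")

    def register(self, number, password_ok, now):
        """Return 'registered', 'auth-failed' or 'blocked' for one attempt at time now."""
        failed_at = self.last_failure.get(number)
        # The attempt is processed only if the difference is larger than the
        # protection time; otherwise it is refused without checking the password.
        if failed_at is not None and now - failed_at <= self.protection_time:
            return "blocked"   # assumption: a refused attempt does not restart the window
        if password_ok:
            self.last_failure.pop(number, None)
            return "registered"
        self.last_failure[number] = now
        return "auth-failed"


def passwords_checked(protection_time, attempt_interval, duration):
    """Count wrong-password attempts the model actually evaluates for one number."""
    guard = RegistrationGuard(protection_time)
    checked = 0
    for now in range(0, duration, attempt_interval):
        if guard.register("8001", password_ok=False, now=now) == "auth-failed":
            checked += 1
    return checked


if __name__ == "__main__":
    day = 24 * 60 * 60
    for value in (0, 10, 300):
        n = passwords_checked(value, attempt_interval=1, duration=day)
        print(f"control point 205 = {value:3d} s -> {n} password checks per day")
```

The model also shows the side effect on legitimate users: a phone that retries with the correct password inside the window is still refused until the protection time has elapsed.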