From Voice Video Services Policy STIG
Part of Deficient Security: Unnecessary PPS disablement
The availability of applications and services that are not necessary for the OAM&P of the VVoIP system’s devices and servers, running or not as well as the existence of their code, places them at risk of being attacked and these avenues exploited. As such they should be removed if possible or minimally disabled so they cannot run and be exploited.
Scan the VVoIP system VLANs with a network scanner to determine the PPS running on the system and what protocols system devices are listening for, and on what IP ports. This is a finding in the event ports are open or protocols are found that are not required by the system to effect system OAM&P in the specific implementation of the system. For example if HTTP is evident, and the system is not managed via HTTP and HTTP is not required for other system functions, then this is an unnecessary PPS resulting in a finding under this requirement.
Disable all PPS on all VVoIP or UC system servers and sevices that are not required to support OAM&P in the specific VVoIP system implementation. Additionally, if possible, remove the software for the unnecessary PPS.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer