Threats Targeting the Operating System
When you are securing an operating system, several threats should be considered. Bugs in the operating system, as well as in the services and applications that come with the operating system, can pose severe security threats. Because applications are installed on top of the operating system, even well-written and secure applications can be affected by vulnerabilities in the underlying operating system. Built-in networking services and applications are especially sensitive because they are exposed to remote attacks. That exposure also applies to the IP stack in the Windows operating system. The IP stack is strategically important and, unfortunately, also has a long history of security issues of varying severity. These issues result not only from the particular implementation of the IP protocol, but also from the lack of security mechanisms in the protocol itself. As shown in Figure 20-1, password and account policies as well as insecure Windows configuration settings pose security concerns in the operating system that underlies Cisco CallManager.
Figure 20-1. Threats Targeting the Windows Operating System
Microsoft Windows, as the most popular operating system, is well-known to the public. As a result, many known issues are related to its password policies as well as vulnerabilities in the operating system default settings. An attacker might try to log in to the operating system using the Administrator account with commonly used passwords. In Microsoft networking, File and Print Sharing services can be used (and might have been turned on by default in some versions of Windows) to allow access to file shares without any security checking.
Another threat to the system is malicious code execution by viruses, worms, or Trojan horses. Protection against these threats consists of blocking the threats from the system and detecting and eliminating attacks that were not blocked.
Finally, and extremely important, server operating systems are vulnerable to denial of service (DoS) attacks. If the server operating system cannot resist DoS attacks, an attacker can tear down the whole IP telephony infrastructure with a single, focused attack against Cisco CallManager nodes. Besides other methods (separating the server network from other parts of the network and establishing access control), the server itself should be hardened to resist at least simple and common DoS attacks.
Lowering the Threats in Windows Operating System
You can divide the possible countermeasures against attacks on the operating system itself into measures that eliminate vulnerabilities to certain threats and methods to protect the system against attacks exploiting the remaining vulnerabilities.
The following are practices to reduce possible vulnerabilities:
- Harden the Windows operating system with Cisco operating system upgrades.
- Deploy the Cisco security and hot fix policy.
- Implement a secure Windows password policy.
- Protect against common exploits involving Windows.
- Protect against attacks from the network by using the following:
  - Antivirus software
  - Cisco Security Agent
To protect against bugs and exploits involving Microsoft Windows, Cisco provides an already hardened version of the Windows operating system called Cisco IP Telephony Operating System. You must keep the Windows 2000 Server up to date to secure the operating system against new security holes. For that reason, Cisco provides operating system upgrades and hot fixes. Cisco CallManager and other Cisco IP telephony applications require these upgrades to function properly.
Cisco uses the Cisco IP Telephony Operating System in several Cisco IP Telephony Application Server components, such as Cisco CallManager, Cisco Emergency Responder (ER), Cisco IP Contact Center (IPCC), and Cisco Interactive Voice Response (IVR). Cisco builds the IP Telephony Operating System upgrades on top of each other, so they are incrementally more secure. The upgrades provide changes to, for example, the IP stack, file system, Registry, access control lists (ACLs), and dynamic link library (DLL) engines.
Note
Before you run an operating system upgrade provided by Cisco, read the release notes for that upgrade carefully. The operating system upgrade might not apply to your installation and could harm the running applications. Before upgrading, verify that you are using the proper operating system upgrade for your Cisco CallManager version. It is also a good practice to consider making a backup before upgrading the Cisco IP Telephony Operating System.
Cisco IP Telephony Operating System upgrades can be downloaded from Cisco.com at http://www.cisco.com/cgi-bin/tablebuild.pl/cmva-3des (requires CCO account).