Hacking of the SV9100
ID# 11514 | Published 4/10/2015 9:59:18 AM | Updated 4/13/2015 7:37:45 AM
Products: SV9100 Categories: PCPro, Programming Tools, Applications, WebPro, Business, Features
What can be done to protect the SV9100 from hacking?
Like other customer sensitive network equipment, the SV9100 should be placed behind a network firewall and all relative ports should be blocked from outside access. To ensure security, port 80 (HTTP) for the WebPro port, port 8000 for the PCPro port should all be secured from outside Internet access.
Along with the above network firewall protection, all user names and passwords should be set to the maximum allowed entries in PRG 90-02. User Names can be set for up to 10 uppercase, lowercase and special alphanumeric characters. Passwords can be set for up to 8 digits using only digits 0-9, * and #. Note: Unlike the User Name, all special characters cannot be used in the password. Only * and # are allowed. Avoid sequential numbers and mix in as many combinations of the allowed digits as possible. An example of usernames and passwords would be:
Username: TeSt96%K#*
Password: *538#*49
When changing the username and passwords, the changes should be documented and stored by the Associate. These changes should also be provided to the customer for safe storage.
If ports are going to be forwarded in the router for Remote Maintenance, then NEC recommends changing the default well known port numbers of WebPro and PCPro in programs 90-54-01 and 90-54-02.
In addition to changing the port numbers and system passwords as described above, if port forwarding of WebPro's port will be used (Not recommended) then you should also go to program 90-28 and change each extension password for User Pro; for the extensions that need access to User Pro; or delete the passwords for extensions that do not need access to User Pro so that it may not be accessed. This will prevent hackers from being able to make changes to individual extensions such as Call Forwarding.
