[cisco-voip] Info for answering a pen test report on Expressway

[ROZA, Ariel]

Guys/gals,

A customer of mine had a pen test performed on their Expressway server and 
asked me for advice on correcting the issues reported.

There are three things to fix:

a) SSL 64-bit Block Size Cipher Supported (SWEET32)
b) SSL Medium Strength Cipher Suites Supported (Should support only high 
strength)
c) Clickjacking: X-Frame-Options header missing

For a) I already checked that need an upgrade to version 8.8.3 or later
For b) I suppose I have to review their security/SSL settings,
But what about c)? Is there a way to verify, or is it documented anywhere, 
which HTTP headers are supported by the platform, and better yet, in which 
version? I have searched thorugh the site, and saw several Expressway debugs 
that show the header being used, but have no reference points like version 
numbers, or similar.

My customer Expressway version is 8.8.2

Regards,

Ariel.

___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Multicast Video to SIP

[Anthony Holloway]

Watching a multicast video stream is not exactly "using Jabber" in my
opinion.  Though, you didn't ask for my opinion, you asked, what I assume
is the question of: Can Jabber join a multicast video stream?  I would
think the answer is no, not without something else, like you mentioned.
What that something else is, I have no idea.  I doubt Jabber/CSF has an API
that let's you command it to join a multicast video stream, like IP Phones
have for joining multicast audio streams.

I'm having a foggy vision of you installing an application server on the
network, which leverages a SIP stack, and then you establish a SIP trunk to
CUCM from it.  Then, you setup a Route Pattern to point to the trunk, and
when your app receives the INVITE, you app basically does a Video on Hold
scenario like how MediaSense was doing.  But, that sounds complicated, and
I'm not even sure if that is supported with multicast, or if it was unicast
only.  I never did see Video on Hold in action before MediaSense went End
of Sale.

If you really just want to provide people with views of the outside, they
could use VLC to join the stream.  Though, that doesn't garner you any more
love for Jabber, but at least it gets the people a view of the fastest
animal in the world!

peregrine falcon top speed


On Wed, Jan 3, 2018 at 1:08 PM Pawlowski, Adam  wrote:

> All,
>
> I have a really odd idea that I'm curious if anyone has accomplished or
> thought of how to accomplish. We're working in getting a Jabber rollout
> planned and set up, adding telepresence endpoints, etc - basically
> providing video access to many who had never had it before. I do not have
> an on-premise bridge.
>
> What I would like to do, is it get a multicast video stream, say, from an
> external IP camera, and make it available as a URI that can be called from
> Jabber or similar. The end goal would be that we could provide (as a nicety
> to drive Jabber use perhaps) URI to dial up some cameras that have some
> external views of our buildings or campus, to let users who don't have a
> window or perhaps don't often see daylight (myself included!) to be able to
> tune in to the lake outside, or the peregrine falcon nest.
>
> I would imagine that no, this doesn't really work without brokering the
> video with a massive conference bridge, but I've been surprised before.
> Anyone hear of anything like this?
>
> Regards,
>
> Adam Pawlowski
> Network and Classroom Services
> University at Buffalo
> 716.645.8489 <(716)%20645-8489>
>
>
> ___
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip