Block a script to be run on each IP Phone

Version 1
    This document was generated from CDN thread

    Created by: Jose Mendez on 03-09-2010 02:07:25 PM
    Can I modify or do something on a IP Phone Type B so that a script cannot be issued?
     
    The script is supposed to be able to:
    1) Connect to IP phone via web services with any credentials other than Null
    2) Ignore the encrypted device configuration
    3) Silently open up the speakerphone on the phone
    4) Send a 1 way unencrypted RTP stream from the compromised phone to a 3rd party capture device somewhere else on the network

    The script can be ran from a laptop for example, and if it has access to the voice vlan, I don't want that logic to be executed by the phone.
     
    I can post the script if needed, the question is, is theere a general parameter or way to block a script that uses the CiscoIPPhoneExecut?

    Can something be done to stop it?

    Subject: RE: Block a script to be run on each IP Phone
    Replied by: David Staudt on 04-09-2010 04:23:55 AM
    The most effective solution would be to disable the phone's small built in web server from the UCM admin.