How 3CX Phone System Solves VoIP Security Issues (Part 1)

All telephone exchanges get hacked, and in most cases the cause is the human factor: someone was too lazy to set a password on an extension or set a simple one (login 100 and password 100, a classic), or did not close a port that should have been closed, for example access to the admin panel.

So, let's see how 3CX helps to avoid these pitfalls.

Active security


Active security, loosely speaking, covers the modules that take action in response to detecting signs of a threat.
Antihacking monitors the parameters of incoming requests, analyzes them and, if something is wrong, puts the IP address the requests come from on the "black list". The parameters are as follows:
  • The number of failed authentications: guessing the login and password is limited to a set number of attempts, after which the IP is put on the "black list".
  • The number of Register requests from the attacking host that get no continuation, i.e. the PBX receives Register packets one-sidedly, without an answer. If the specified limit is exceeded, the IP is blacklisted.
  • Blacklist timeout: the time, in seconds, for which the IP address will be blocked.
  • Three levels of packet counters: green / yellow / red. Green: the PBX takes no action; it only runs the packet counter at the specified interval, in milliseconds. Yellow: it keeps counting packets per second, and when one IP exceeds 1000 packets a 5-second block is activated. Red: when the threshold is exceeded it no longer counts, but immediately bans the IP address for the time specified in the timeout.
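The failed-authentication limit, blacklist timeout and yellow/red packet levels described above can be modelled as a small state machine, which makes it easier to reason about which setting blocks a given host and for how long. This is an added illustration, not 3CX code. Assumptions: the names `AntiHackModel` and `replay`, the failed-authentication limit, the red threshold and the one-second counting window are hypothetical; only the 1000-packet and 5-second yellow figures come from the text.

```python
from collections import defaultdict

class AntiHackModel:
    """Toy model of the blacklist thresholds described above (not 3CX code)."""

    def __init__(self, max_failed_auth=5, blacklist_timeout=3600,
                 yellow_pps=1000, yellow_block=5, red_pps=2000):
        # yellow_pps and yellow_block come from the article; the other
        # defaults are assumed values chosen for the illustration.
        self.max_failed_auth = max_failed_auth
        self.blacklist_timeout = blacklist_timeout   # seconds
        self.yellow_pps = yellow_pps
        self.yellow_block = yellow_block             # seconds
        self.red_pps = red_pps
        self.failed = defaultdict(int)   # ip -> failed authentications
        self.window = {}                 # ip -> (second, packets in that second)
        self.blocked_until = {}          # ip -> time at which the block expires

    def is_blocked(self, ip, now):
        return self.blocked_until.get(ip, 0) > now

    def _block(self, ip, now, seconds):
        self.blocked_until[ip] = max(self.blocked_until.get(ip, 0), now + seconds)

    def on_packet(self, ip, now, auth_failed=False):
        """Feed one packet; returns 'pass', 'drop', 'yellow', 'red' or 'auth'."""
        second, count = self.window.get(ip, (int(now), 0))
        count = count + 1 if second == int(now) else 1
        self.window[ip] = (int(now), count)
        # Assumption: dropped packets still count, so a flood can reach red.
        if count > self.red_pps:
            self._block(ip, now, self.blacklist_timeout)
            return "red"
        if self.is_blocked(ip, now):
            return "drop"
        if count > self.yellow_pps:
            self._block(ip, now, self.yellow_block)
            return "yellow"
        if auth_failed:
            self.failed[ip] += 1
            if self.failed[ip] >= self.max_failed_auth:
                self.failed[ip] = 0
                self._block(ip, now, self.blacklist_timeout)
                return "auth"
        return "pass"

def replay(model, events):
    """events: (time, ip, auth_failed) tuples; returns the list of verdicts."""
    return [model.on_packet(ip, t, failed) for t, ip, failed in events]
```

Replaying a captured sequence of events through `replay` shows which threshold trips first, which helps when tuning the limits so that a local phone with a mistyped password is not banned for the full timeout.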



Blacklist


This is what the list of blacklisted IP addresses looks like. Our PBX has collected about 400 entries; recently there have been a lot of banned addresses from the USA, but most likely those are proxies.



Each of the entries can be edited.



From the blacklist, you can move an IP address to the whitelist or extend the block to a whole subnet.
By the way, it is not rare for "native" equipment from the local network to end up on the blacklist. A mistake in the password or login is enough.

Allowed countries for international


The home country, i.e. the country in which the IP-PBX is installed, is selected at the installation stage. Later you can expand the list of allowed countries.



You can configure email notifications for when any of the protection mechanisms is triggered. By the way, a login to the admin panel can also be reported with a notification.



To be continued. Part 2

P.S. For those who want to talk about security issues in detail or just chat: we will be waiting for you from May 12 to 15 at the Svyaz-Expocomm 2015 exhibition, Pavilion 8 / Hall 1 / Stand No. 81A30.
