How 3CX Phone System Solves Security Issues in VoIP (Part 1)
All telephone exchanges are broken, and in most cases this is a human factor: someone was too lazy to put a password on the subscriber or set a simple password (login 100 and password 100, just a classic), or did not close the port, for example, access to the admin panel.
So, let's see how 3CX helps to get around all these rakes.
By active security, we conditionally assign modules that do something in response to the detection of some signs of a threat.
Antihacking - monitors the parameters of incoming requests, analyzes them and if it is zero; but puts the IP address from which these requests go to the "black list". Parameters can be as follows:
')
This is what the list of blacklisted IP addresses looks like, in the collection of our PBX there are already about 400 entries, recently there are many banned addresses from the USA, but most likely this is a proxy.
Each of the entries can be edited.
You can transfer the IP address to the white one from the black list or extend the blocking range to the subnet.
By the way, it is not uncommon when the “native” equipment from the local network gets on the “black” list. It is enough to make a mistake in the password or login.
Motherland , i.e. The country in which the IP PBX is installed is selected at the installation stage. Later you can expand the list of allowed countries.
If any of the protection mechanisms is triggered, you can set up email notifications. By the way, the fact of entering the admin panel can also be fixed with a notification.
To be continued. Part 2
PS For those who want to talk in detail about security issues or just chat. We are waiting from May 12 to May 15 at Svyaz-Expocomm 2015 Pavilion 8 / Hall 1 / Stand # 81A30
So, let's see how 3CX helps to get around all these rakes.
Active safety
By active security, we conditionally assign modules that do something in response to the detection of some signs of a threat.
Antihacking - monitors the parameters of incoming requests, analyzes them and if it is zero; but puts the IP address from which these requests go to the "black list". Parameters can be as follows:
- Number of invalid authentications - i.e. Password-login selection is limited to a certain number of attempts, after which the IP falls into the “black list”.
- The number of Register requests from an attacking host that do not receive a continuation, i.e. Register packets unilaterally, without an answer go to PBX. If the specified limit is exceeded - in the black list.
- Blacklist timeout - time for which the IP address will be blocked. (seconds)
- Three levels of packet counters , green / yellow / red. Green - the station does nothing, just turns on the packet counter at a specified interval, in milliseconds. Yellow - continues to count packets per second, but when 1000 packets from one IP are exceeded, a 5-second block is activated. Red - when the threshold is exceeded, it no longer counts, but immediately sends the IP address to the ban for the time specified in the timeout.
')
Black list
This is what the list of blacklisted IP addresses looks like, in the collection of our PBX there are already about 400 entries, recently there are many banned addresses from the USA, but most likely this is a proxy.
Each of the entries can be edited.
You can transfer the IP address to the white one from the black list or extend the blocking range to the subnet.
By the way, it is not uncommon when the “native” equipment from the local network gets on the “black” list. It is enough to make a mistake in the password or login.
Allowed countries for international
Motherland , i.e. The country in which the IP PBX is installed is selected at the installation stage. Later you can expand the list of allowed countries.
If any of the protection mechanisms is triggered, you can set up email notifications. By the way, the fact of entering the admin panel can also be fixed with a notification.
To be continued. Part 2
PS For those who want to talk in detail about security issues or just chat. We are waiting from May 12 to May 15 at Svyaz-Expocomm 2015 Pavilion 8 / Hall 1 / Stand # 81A30
Source: https://habr.com/ru/post/257377/
All Articles