Securing Elastix, what else more

alben

Joined
Jan 20, 2010
Messages
28
Likes
0
Points
0
#1
Hi, with the help of this forum i have my elastix box safer, in things like ssh, elastix, freepbx and a2billing login.
I am wondering now, do I need to take some additional steps?
what about the other extras like sugar, tiger, fop, etc, do they have any open door?
thanks a lot
 

dicko

Joined
Oct 24, 2008
Messages
4,099
Likes
0
Points
0
#2
Just the normal security stuff really, first set up your firewall (hardware or iptables) as restrictively as possible. maybe start with:

run nmap -v -p 1-65535 <your-server-ip> (at a quiet time) from a box on the outside.

Investigate anything that shows up that you don't recognize. As to the html stuff I suggest you limit the access in /etc/httpd/conf/httpd.conf by allowable networks and hosts (deny all/allow <whatever you need> )

look into ossec or fail2ban, add rkhunter or something like that, image your machine (and test it), before AND after every major change, mondorestore works for me. Make a complete backup of the system state every night, as I've said before some security issues are behind the keyboard.
 

elastix-tob

Joined
Aug 16, 2010
Messages
13
Likes
0
Points
0
#3
is there any guide to follow for securing the elastix system?
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,902
Messages
130,887
Members
17,565
Latest member
omarmenichetti
Top