securing the system?

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#1
hello

i would liek to ask what are the ways which could be used in order to secure the elastix system.

can you install antivirus and firewall on the machine in order to prevent hacks, attacks or other attempt?
can you put the system behind a firewall? (not a system install one but an outsource firewall)?

are there any other ways to prevent or to avoid attacks?

thanks
 

jaschenck

Joined
Apr 19, 2009
Messages
50
Likes
0
Points
0
#2
Do you have access to something with a flyback transformer? they are in CRT type monitors and tube type TVs


Jim
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#3
sry for the question but what are flyback transformers?
 

Patrick_elx

Joined
Dec 14, 2008
Messages
1,120
Likes
0
Points
0
#4
You should read this forum folder, you will see the different security features that you need to implement (fail2ban, strong password, deny/permit ip for extension, etc...)

As a general rule, having a perimeter firewall that will only open the ports needed to your elastix server is a must in my book.

Also having your phone LAN separated from the working lan is important (VLAN, other eth on the router,etc...)
 

jaschenck

Joined
Apr 19, 2009
Messages
50
Likes
0
Points
0
#5
I was going to recommend that you remove the back from your monitor and locate the High voltage side of the flyback transformer, after doing so follow these steps
1. Place your left hand on a good ground
2. Place your right hand on the flyback output
3. Walk into the light, on the other side all your questions will be answered

Jim
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#6
lol ok i get it now but i do not believe it could let me have more secured elastix system . but it sure could make my life much more easy.

patrick i do use a firewall and vpn will that be enough?
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#7
by the way where is the forum's folder i went to the forum and i didn't see any thing like that there
 

Lou1z

Joined
Aug 20, 2008
Messages
57
Likes
0
Points
0
#8
i use vpn's for remote extensions and the only open port to elastix is for sip which is limited to my voip providers eg gradwell
fingers crossed that that's enough!!
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#9
how can you limite a certain port to a certain provider?
 

ramoncio

Joined
May 12, 2010
Messages
1,663
Likes
0
Points
0
#10
j99991 said:
how can you limite a certain port to a certain provider?
You can't. You can assign the sip port, but not the rtp port that carries the audio, and the main bandwidth.
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#11
ohh i understand. what is the process of assignment? do i need to provide my address to the provider which is then add's to his system?
 

Patrick_elx

Joined
Dec 14, 2008
Messages
1,120
Likes
0
Points
0
#12
j99991 said:
by the way where is the forum's folder i went to the forum and i didn't see any thing like that there

Use your mouse to scroll to the top of this page.

In Blue there is written Elastix Forum >> Elastix >> Security

With the small arrow that moves with the movement of your hand on the mouse, please point to the word Security.

Then without moving the mouse, click the left button once.

It's not easy to keep a steady hand while clicking, but after some training you should be able to do it.
 

ramoncio

Joined
May 12, 2010
Messages
1,663
Likes
0
Points
0
#13
If you continue flooding the forum with dumb questions people will get fed up and stop answering you. I'm trying to be polite and I have a good patience, but someone else might not. First you must read and search google to get the most basic knowledge and then come back here next month and try to ask intelligent questions, showing you have done your homework. This is not a school and people can't loose its time to teach you the most basic concepts.
 

Lou1z

Joined
Aug 20, 2008
Messages
57
Likes
0
Points
0
#14
no, you are misunderstanding. my firewall will only allow gradwell ip's to access the elastix box on the lan so only sip and the rtp range can hit the elastix box from gradwell.
outgoing is exactly the same with voip ports only allowed to connect to my voip providers.
any mobile users use vpn.
 

jaschenck

Joined
Apr 19, 2009
Messages
50
Likes
0
Points
0
#15
j99991
Where are you located? What country? I have been sort of wondering about that

Jim
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#16
ok i understand

by the way i didn't understand at first what you ment by folder i though this forum has a certain place like a link or page which has more link to site or reading materials so i tried to look for something like that.

i decided not to use a new pc yet but to download a vm install it see how it goes. then if i have more question i will come back here.

however my question about appliance or pc still apply and i look forward to receive more experiences and opinions such bob's, before i will buy 1.
thanks
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#17
ohh i see so acctually when an packet will income the appliance will check if it's from the provider if it is it will allow it's access if not it will deny it. right?

same to the outgoing. outgoing packets from the sip and rtp port will be sent only to your provider

right?
 

j99991

Joined
Dec 16, 2008
Messages
98
Likes
0
Points
0
#18
and jim .. i will let you guess.. if you hit 3 countries and none are right i will ask you an elsatix question ok?

if you are right then.... i dunno .. i propbly can't offer isntalling you an elastix system since you already have 1 ..
so.. i will try and think of something.
 

jaschenck

Joined
Apr 19, 2009
Messages
50
Likes
0
Points
0
#19
I was just sort of wondering what your native language is I am guessing that it's not English. Though you English is not bad.

Jim
 

jaschenck

Joined
Apr 19, 2009
Messages
50
Likes
0
Points
0
#20
As for you firewall questions, I tend to select providers that offer IAX2 that way you only have to open one port.
Over the last 9 years and more installs than I can remember I have had 0 security issues.
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,940
Messages
130,961
Members
17,632
Latest member
moaulool
Top