securing the system?

Discussion in 'General' started by j99991, May 5, 2009.

  1. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    hello

    i would liek to ask what are the ways which could be used in order to secure the elastix system.

    can you install antivirus and firewall on the machine in order to prevent hacks, attacks or other attempt?
    can you put the system behind a firewall? (not a system install one but an outsource firewall)?

    are there any other ways to prevent or to avoid attacks?

    thanks
     
  2. jaschenck

    Joined:
    Apr 19, 2009
    Messages:
    50
    Likes Received:
    0
    Do you have access to something with a flyback transformer? they are in CRT type monitors and tube type TVs


    Jim
     
  3. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    sry for the question but what are flyback transformers?
     
  4. Patrick_elx

    Joined:
    Dec 14, 2008
    Messages:
    1,120
    Likes Received:
    0
    You should read this forum folder, you will see the different security features that you need to implement (fail2ban, strong password, deny/permit ip for extension, etc...)

    As a general rule, having a perimeter firewall that will only open the ports needed to your elastix server is a must in my book.

    Also having your phone LAN separated from the working lan is important (VLAN, other eth on the router,etc...)
     
  5. jaschenck

    Joined:
    Apr 19, 2009
    Messages:
    50
    Likes Received:
    0
    I was going to recommend that you remove the back from your monitor and locate the High voltage side of the flyback transformer, after doing so follow these steps
    1. Place your left hand on a good ground
    2. Place your right hand on the flyback output
    3. Walk into the light, on the other side all your questions will be answered

    Jim
     
  6. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    lol ok i get it now but i do not believe it could let me have more secured elastix system . but it sure could make my life much more easy.

    patrick i do use a firewall and vpn will that be enough?
     
  7. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    by the way where is the forum's folder i went to the forum and i didn't see any thing like that there
     
  8. Lou1z

    Joined:
    Aug 20, 2008
    Messages:
    57
    Likes Received:
    0
    i use vpn's for remote extensions and the only open port to elastix is for sip which is limited to my voip providers eg gradwell
    fingers crossed that that's enough!!
     
  9. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    how can you limite a certain port to a certain provider?
     
  10. ramoncio

    Joined:
    May 12, 2010
    Messages:
    1,663
    Likes Received:
    0
    You can't. You can assign the sip port, but not the rtp port that carries the audio, and the main bandwidth.
     
  11. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    ohh i understand. what is the process of assignment? do i need to provide my address to the provider which is then add's to his system?
     
  12. Patrick_elx

    Joined:
    Dec 14, 2008
    Messages:
    1,120
    Likes Received:
    0

    Use your mouse to scroll to the top of this page.

    In Blue there is written Elastix Forum >> Elastix >> Security

    With the small arrow that moves with the movement of your hand on the mouse, please point to the word Security.

    Then without moving the mouse, click the left button once.

    It's not easy to keep a steady hand while clicking, but after some training you should be able to do it.
     
  13. ramoncio

    Joined:
    May 12, 2010
    Messages:
    1,663
    Likes Received:
    0
    If you continue flooding the forum with dumb questions people will get fed up and stop answering you. I'm trying to be polite and I have a good patience, but someone else might not. First you must read and search google to get the most basic knowledge and then come back here next month and try to ask intelligent questions, showing you have done your homework. This is not a school and people can't loose its time to teach you the most basic concepts.
     
  14. Lou1z

    Joined:
    Aug 20, 2008
    Messages:
    57
    Likes Received:
    0
    no, you are misunderstanding. my firewall will only allow gradwell ip's to access the elastix box on the lan so only sip and the rtp range can hit the elastix box from gradwell.
    outgoing is exactly the same with voip ports only allowed to connect to my voip providers.
    any mobile users use vpn.
     
  15. jaschenck

    Joined:
    Apr 19, 2009
    Messages:
    50
    Likes Received:
    0
    j99991
    Where are you located? What country? I have been sort of wondering about that

    Jim
     
  16. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    ok i understand

    by the way i didn't understand at first what you ment by folder i though this forum has a certain place like a link or page which has more link to site or reading materials so i tried to look for something like that.

    i decided not to use a new pc yet but to download a vm install it see how it goes. then if i have more question i will come back here.

    however my question about appliance or pc still apply and i look forward to receive more experiences and opinions such bob's, before i will buy 1.
    thanks
     
  17. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    ohh i see so acctually when an packet will income the appliance will check if it's from the provider if it is it will allow it's access if not it will deny it. right?

    same to the outgoing. outgoing packets from the sip and rtp port will be sent only to your provider

    right?
     
  18. j99991

    Joined:
    Dec 16, 2008
    Messages:
    98
    Likes Received:
    0
    and jim .. i will let you guess.. if you hit 3 countries and none are right i will ask you an elsatix question ok?

    if you are right then.... i dunno .. i propbly can't offer isntalling you an elastix system since you already have 1 ..
    so.. i will try and think of something.
     
  19. jaschenck

    Joined:
    Apr 19, 2009
    Messages:
    50
    Likes Received:
    0
    I was just sort of wondering what your native language is I am guessing that it's not English. Though you English is not bad.

    Jim
     
  20. jaschenck

    Joined:
    Apr 19, 2009
    Messages:
    50
    Likes Received:
    0
    As for you firewall questions, I tend to select providers that offer IAX2 that way you only have to open one port.
    Over the last 9 years and more installs than I can remember I have had 0 security issues.
     

Share This Page