Sunday 3 February 2013

How to secure your3CX PBX V9 systems from hacks

How to make
a 3CX Phone System Version 9
even more secure
With the introduction of the new V9 3CX
PBX we decided to add some extra
security to the PBX. This new feature is
called the “3CX Anti-Hacking” and
located under Settings/Advanced/Anti-
hacking tab.
It’s main purpose is to block any
malicious attacks targeted to the 3CX
Phone System server in case the
administrator has not taken the needed
precautions at firewall level. It works by
detecting and blocking packet floods /
DoS attacks or brute force dictionary
attacks with the scope of identifying and
cracking the extension number and the
password.
The above shows the main interface of
the 3CX Anti Hacking configuration
page. This is accessible by clicking on
the Settings node, Advanced section,
Anti-Hacking tab.
Failed Authentication Protection
This is a protection in case the attacker
tries to use a dictionary attack to guess
the password set for a particular
extension. To do this the attacker has to
send numerous invites and after the
server sends a “Proxy authentication
Required message” the attacker will
send an invite with authentication. With
this feature, the attacker can only send
25 requests in an attempt to crack the
password. However the administrator
should not leave the password for
extension 100, 100 because the attacker
will guess this in seconds and this
protection will be useless.  If the
password is 6 digits long for example,
the attacker needs much more than 25
attempts to crack it. This is when this
feature comes in handy. If an IP Address
spams the 3CX Phone System with 25
wrong Authentication attempts, that IP
address will be blocked and put in the
blacklist for the time specified in the
“Blacklist time interval” parameter –
Default 30 minutes.
Blacklist time interval – Default
1800 seconds (30 min)
This option specifies the amount of time
that an attacker’s IP will remain
blacklisted for. By default, this value is
set to 30 minutes just like major VoIP
Providers do if they receive too many
registration attempts from a specific IP.
Security Barrier 1 – Green
Page 1 of 3 | Next page
Posted in Docs and FAQ , VoIP How To |
Comments Off
Previous post: 3CX successfully
complete interoperability testing with
Yealink
Next post: Dial 0 for Operator

No comments:

Post a Comment