3CX System Security (Discussion)

Discussion in '3CX Phone System - General' started by LyonAdmiral, Oct 10, 2017.

Thread Status:
Not open for further replies.
  1. LyonAdmiral

    Joined:
    Aug 10, 2015
    Messages:
    50
    Likes Received:
    1
    My institution has been on 3CX for a few years now; since April of 2015. I'm curious about how you handle system security for your 3CX installations in terms of penetration attempts from the Internet. I'm curious, how does anybody I know I even am using 3CX, we don't advertise that, and then I also wonder do these people have nothing better to do than try to break into peoples 3CX systems.
     
  2. IoannisM_3CX

    IoannisM_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Aug 10, 2017
    Messages:
    228
    Likes Received:
    17
    Hello @LyonAdmiral

    What you can do so is from your PBX in order to prevent any malicious action is:


    - Under Settings >>Security >> Anti-Hacking divide each value by two, except the blacklist time interval, and the security barrier (green).
    Set the blacklist time interval to a higher value such as 31536000 (1 year).
    -Under Settings>>Security Settings>>Allowed country codes select only the locations that you wish to receive calls from.
    -Under Dashboard>>Blacklisted IPs you can blacklist ranges of IPs but please be careful on that because you don't want to block IPs that you get traffic from.
    3CX is protecting you from known APIs and tools that can perform malicious actions against your System. You can find them under Settings>>Parameters searching with SEC_IGNORE_USER_AGENT (important: please note that, editing parameters in highly not recommended )


    On your firewall:
    - Filter the SIP port to allow only trusted sources, meaning your VoIP providers IP/range, and remote extensions (if any).
    -Configure all remote Extension connect through the 3CX Tunnel
    -Use ACL to alow only trusted IPs

    Make use of VPN if possible

    You can find more security countermeasures and detailed information here: https://www.3cx.com/3cxacademy/videos/advanced/security-with-3cx-phone-system/
     
  3. LyonAdmiral

    Joined:
    Aug 10, 2015
    Messages:
    50
    Likes Received:
    1
    I have a few users who are using the 3CX app on their cell phones. What I am doing is adding ranges of IP addresses to our firewalls blacklist to drop packets. Just irks me that people have nothing better to do than to try to break into 3CX to make free phone calls. Just how cheap can a person be.
     
  4. agp

    agp 3CX Team

    Joined:
    Aug 19, 2015
    Messages:
    135
    Likes Received:
    21
    Something I would like to add is that the majority of the attacks are being performed by automated tools/scanners which blindly scan ip subnets for servers listening on 5060 (or other services) and try to exploit potential weaknesses. They don't really care if the system is running 3CX or any other PBX. These attacks are extremely common to any online server :)
     
  5. the60

    the60 New Member

    Joined:
    Oct 21, 2011
    Messages:
    117
    Likes Received:
    50
    In the last 24 hrs, we've seen a huge spike in attempted breaches/hacks. The UA is now Yealink, and therefore, not being blocked by the list of blocked UAs.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. DSXDATA

    DSXDATA New Member

    Joined:
    Oct 20, 2015
    Messages:
    171
    Likes Received:
    60
    Is it possible you have added an extension and left the Block WAN requests on?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.