Anti-hacking Module / Blacklist Notifications

Discussion in '3CX Phone System - General' started by LCT-PhoneSystem, Feb 26, 2018.

Thread Status:
Not open for further replies.
  1. LCT-PhoneSystem

    Joined:
    Feb 26, 2018
    Messages:
    2
    Likes Received:
    0
    Hello,

    I've been receiving a lot of anti-hacking notifications from my pbx. Is this something I should be concerned about?

    The IP 94.23.42.112 has been blacklisted for 445 sec.
    Reason: Requests rate is too high!

    They have been happening since the start of February:

    163.172.197.210
    51.15.145.32
    94.23.42.112
     
  2. mixig

    mixig Active Member

    Joined:
    Dec 13, 2011
    Messages:
    523
    Likes Received:
    12
    People say better safe than sorry.
    With that, SIP port 5060 it should not be open from insecure network (e.g. Internet) never.
    If you need port 5060 to be open create filter rule on your router/firewall which allows only source IP address of your VoIP provider.
    For "road warriors", if any, use 3CX clients with 3CX tunnel, or if you are using some remote offices best way fot connecting these remote phones is through secure VPN connections.

    Good tips and best practise advice can be found here (short brief is on the last slide, slide 21):
    https://www.3cx.com/3cxacademy/videos/advanced/security-with-3cx-phone-system/
     
    #2 mixig, Feb 26, 2018
    Last edited: Feb 26, 2018
  3. LCT-PhoneSystem

    Joined:
    Feb 26, 2018
    Messages:
    2
    Likes Received:
    0
    Thanks for the info. I'll check the firewall config and go from there.
     
Thread Status:
Not open for further replies.