Security Considerations
Revision as of 21:29, 23 May 2016 by Dcunningham
- Disallow routes to countries that customers don't need, especially high-fraud countries.
- Set a daily spending limit for all customers.
- Require long passwords for phones and people.
- Educate customers on choosing good passwords.
- Have contracts to make sure the right person pays if they are hacked and run up a huge bill.
- Change the SSH port from 22 to something non-standard.
- Use iptables to lock out countries where you do not have customers.
- Set Asterisk servers to use non-default ports for SIP, such as 5065 instead of 5060.
- Make sure all handsets have a username and password that are not the device's defaults.
- Monitor servers with a tool like Nagios and/or Cacti, with an alert when there are more than X calls per customer, per system, etc.
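One way to implement the per-customer call alert from the monitoring item, written as a Nagios-style plugin (an added example, not part of the original page). It assumes Asterisk's cdr_csv `Master.csv` column order and one accountcode per customer; the function names, thresholds and sample rows are constructed for illustration.

```python
# Added example: Nagios-style check for "more than X calls per customer".
import csv
import io
import sys
from collections import Counter
from datetime import datetime, timedelta

ACCOUNTCODE, START = 0, 9        # assumed column positions in cdr_csv's Master.csv
OK, WARNING, CRITICAL = 0, 1, 2  # Nagios plugin exit codes

def _row(acct, start):
    # Build one constructed CDR row (sample data, not real traffic).
    return (f'"{acct}","1001","0015550100","from-internal","","","","Dial","",'
            f'"{start}","","",0,0,"ANSWERED","DOCUMENTATION","",""')

SAMPLE_CDR = "\n".join(
    [_row("globex", f"2016-05-23 21:0{m}:00") for m in range(6)]  # burst of 6 calls
    + [_row("globex", "2016-05-23 19:00:00"),                     # outside the window
       _row("acme", "2016-05-23 21:01:00"),
       _row("acme", "2016-05-23 21:07:00"),
       "truncated line"])                                         # malformed row

def calls_per_account(cdr_file, now, window):
    """Count calls started within `window` before `now`, keyed by accountcode."""
    counts = Counter()
    for row in csv.reader(cdr_file):
        try:
            started = datetime.strptime(row[START], "%Y-%m-%d %H:%M:%S")
        except (IndexError, ValueError):
            continue  # skip truncated rows and unparseable timestamps
        if now - window <= started <= now:
            counts[row[ACCOUNTCODE] or "(no accountcode)"] += 1
    return counts

def check(counts, warn, crit):
    """Return (exit_code, status_line) following Nagios plugin conventions."""
    worst = max(counts.values(), default=0)
    over = sorted(f"{acct}={n}" for acct, n in counts.items() if n > warn)
    state = CRITICAL if worst > crit else WARNING if worst > warn else OK
    label = ("OK", "WARNING", "CRITICAL")[state]
    return state, (f"{label} - busiest account placed {worst} calls; "
                   f"over warning threshold: {', '.join(over) or 'none'}")

if __name__ == "__main__":
    now = datetime(2016, 5, 23, 21, 10)  # fixed so the sample run is reproducible
    counts = calls_per_account(io.StringIO(SAMPLE_CDR), now, timedelta(minutes=15))
    code, line = check(counts, warn=3, crit=5)
    print(line)
    sys.exit(code)
```

In production the plugin would read the live CDR file and use the current time; set the thresholds from each customer's normal calling pattern.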
Some systems use tools such as easySysAdmin or fail2ban to automatically block brute-force SSH or SIP registration attacks.