Security

The New Hybrid PBX: Why Settle for a One Trick Pony?

The New Hybrid PBX: Why Settle for a One Trick Pony?

Monday, October 16, 2017

0 comments

Let’s face it. It’s hard not to like the application development flexibility that Asterisk® offers, especially if you’re part of an organization that has very specific telephony needs. But the price you pay for "free" and putting all of your eggs in the Asterisk basket is painful. Here are a few of the hurdles that come to mind: security, NAT, one-way audio, remote users, CRM support, conferencing, painful upgrades to address frequent bug fixes, and, more generally, telephone management and… Read More ›

VoIP Security: Installing SSL Certificates with Incredible PBX

VoIP Security: Installing SSL Certificates with Incredible PBX

Monday, September 25, 2017

1 comment

We’ve got some revolutionary VoIP projects coming your way over the next several weeks, but I’m sorry to say the hardest part of them is getting your server configured to use secure and encrypted web communications via HTTPS. This is quickly becoming a universal requirement of most of the major technology players. So what might not be the most glamorous VoIP topic for a Monday morning is not only necessary but long overdue. The good news is that obtaining, installing,… Read More ›

It’s Soup: The Definitive Quick Start Guide to Wazo 17.14

It’s Soup: The Definitive Quick Start Guide to Wazo 17.14

Friday, September 22, 2017

17 comments

Today we’re pleased to introduce Wazo 17.14, the latest iteration in the Wazo fork of XiVO. Twelve years in the making with the same development team, Wazo 17.14 is really something special with a new easy-to-use WebRTC feature and support for Asterisk® FollowMe Roaming. Of course, all of your favorite Incredible PBX add-ons are ready as well. What follows is a new soup-to-nuts tutorial covering everything you need to know to get started with Incredible PBX for Wazo 17.14. Wazo… Read More ›

RTPbleed Security Alert: Asterisk Calls Can Be Intercepted

RTPbleed Security Alert: Asterisk Calls Can Be Intercepted

Friday, September 8, 2017

5 comments

If you’ve installed Asterisk® during the past 4½ years, your server has a MAJOR security problem. If you didn’t already know, with Asterisk, your VoIP conversations actually are carried over a random UDP port using the Real Time Protocol (RTP), not the SIP port (UDP 5060) which handles the setup and teardown of your VoIP connections. It turns out that, since March 2013, all of that RTP traffic and thus your conversations could be intercepted and redirected by anyone on… Read More ›

3CX in the Cloud: 8 Great Ways to Secure Your Server

3CX in the Cloud: 8 Great Ways to Secure Your Server

Friday, June 23, 2017

Comments are Disabled

Now that many of you have taken advantage of the opportunity to deploy a free 3CX server, it seemed like an opportune time to share what we’ve learned while deploying 3CX on hosted platforms in the cloud. If you’ve followed our Nerd Vittles adventures over the years, you already know that our number one consideration with any PBX deployment is security. Without that, you’re just paying somebody else’s phone bill. While 3CX is extremely secure as delivered, once you choose… Read More ›

Twofer Tuesday: 2 Cloud Servers for the Price of a RasPi

Twofer Tuesday: 2 Cloud Servers for the Price of a RasPi

Tuesday, February 28, 2017

1 comment

It’s been more than a year since we last chatted about Cloud At Cost. Because they’re in the midst of yet another 50% off Fire Sale and to close out February with a bang, it seemed like a good time to take a fresh look at a terrific way to get started with Linux. For today’s $35 cloud project, we’re going to build a free WordPress server and a free commercial PBX compliments of 3CX. For what it’s worth, we’ve… Read More ›

Introducing a New WhiteList Security Model for Wazo

Introducing a New WhiteList Security Model for Wazo

Monday, February 20, 2017

1 comment

Today we’re pleased to introduce a new state-of-the-art Travelin’ Man 3 firewall implementation for 2017. Five years ago, we developed a new security model for Asterisk® servers that whitelisted those needing access while blocking everyone else. The design was simple. You can’t attack what you can’t see. Three years ago, we made Travelin’ Man 3 more flexible for remote users with the addition of PortKnocker, a terrific tool providing temporary remote server access using a random three-number code. Today’s release… Read More ›

Security 101: A Fresh Look at Incredible PBX Security Audit Methodology

Security 101: A Fresh Look at Incredible PBX Security Audit Methodology

Tuesday, August 9, 2016

Comments are Disabled

Embed from Getty Images Incredible PBX remains one of the most secure VoIP server platforms on the planet for one simple reason. We always deploy a preconfigured Linux IPtables firewall with a whitelist that hides your server from everyone except you and trusted VoIP providers. IPtables is automatically configured and deployed as part of every initial install of Incredible PBX regardless of your platform. This includes XiVO with Debian 8 as well as CentOS 6 and 7, Ubuntu 14.04, Raspbian… Read More ›