Post Tagged with: "security"

RTPbleed Security Alert: Asterisk Calls Can Be Intercepted

RTPbleed Security Alert: Asterisk Calls Can Be Intercepted

Friday, September 8, 2017

5 comments

If you’ve installed Asterisk® during the past 4½ years, your server has a MAJOR security problem. If you didn’t already know, with Asterisk, your VoIP conversations actually are carried over a random UDP port using the Real Time Protocol (RTP), not the SIP port (UDP 5060) which handles the setup and teardown of your VoIP connections. It turns out that, since March 2013, all of that RTP traffic and thus your conversations could be intercepted and redirected by anyone on… Read More ›

3CX in the Cloud: 8 Great Ways to Secure Your Server

3CX in the Cloud: 8 Great Ways to Secure Your Server

Friday, June 23, 2017

Comments are Disabled

Now that many of you have taken advantage of the opportunity to deploy a free 3CX server, it seemed like an opportune time to share what we’ve learned while deploying 3CX on hosted platforms in the cloud. If you’ve followed our Nerd Vittles adventures over the years, you already know that our number one consideration with any PBX deployment is security. Without that, you’re just paying somebody else’s phone bill. While 3CX is extremely secure as delivered, once you choose… Read More ›

Twofer Tuesday: 2 Cloud Servers for the Price of a RasPi

Twofer Tuesday: 2 Cloud Servers for the Price of a RasPi

Tuesday, February 28, 2017

1 comment

It’s been more than a year since we last chatted about Cloud At Cost. Because they’re in the midst of yet another 50% off Fire Sale and to close out February with a bang, it seemed like a good time to take a fresh look at a terrific way to get started with Linux. For today’s $35 cloud project, we’re going to build a free WordPress server and a free commercial PBX compliments of 3CX. For what it’s worth, we’ve… Read More ›

Introducing a New WhiteList Security Model for Wazo

Introducing a New WhiteList Security Model for Wazo

Monday, February 20, 2017

1 comment

Today we’re pleased to introduce a new state-of-the-art Travelin’ Man 3 firewall implementation for 2017. Five years ago, we developed a new security model for Asterisk® servers that whitelisted those needing access while blocking everyone else. The design was simple. You can’t attack what you can’t see. Three years ago, we made Travelin’ Man 3 more flexible for remote users with the addition of PortKnocker, a terrific tool providing temporary remote server access using a random three-number code. Today’s release… Read More ›

Integrating SIP URIs into XiVO for Free Worldwide Calling

Integrating SIP URIs into XiVO for Free Worldwide Calling

Monday, September 26, 2016

Comments are Disabled

It’s been a while since we’ve explored SIP URIs and all of the advantages that SIP URI calling brings to your PBX. Number one on that list is FREE calling to and from anyone on the planet so long as both of you have an Internet connection with a SIP phone or a VoIP server such as Incredible PBX for XiVO. SIP URIs are the fundamental building blocks for VoIP technology. Consider this. If everyone in the world had a… Read More ›

Security 101: A Fresh Look at Incredible PBX Security Audit Methodology

Security 101: A Fresh Look at Incredible PBX Security Audit Methodology

Tuesday, August 9, 2016

Comments are Disabled

Embed from Getty Images Incredible PBX remains one of the most secure VoIP server platforms on the planet for one simple reason. We always deploy a preconfigured Linux IPtables firewall with a whitelist that hides your server from everyone except you and trusted VoIP providers. IPtables is automatically configured and deployed as part of every initial install of Incredible PBX regardless of your platform. This includes XiVO with Debian 8 as well as CentOS 6 and 7, Ubuntu 14.04, Raspbian… Read More ›

Taking a Fresh Look at the Asterisk, FreePBX, and Incredible PBX Security Models

Taking a Fresh Look at the Asterisk, FreePBX, and Incredible PBX Security Models

Monday, April 18, 2016

Comments are Disabled

Embed from Getty Images About once a year, we try to shine the spotlight on Asterisk® security in hopes of saving lots of organizations and individuals a little bit (or a lot) of money. In light of last week’s major security lapse in the Asterisk® dialplan of those using FreePBX® since the Asterisk@Home days, now seemed like a good time for a review. As we’ve noted before, the problem with open source phone systems is they’re open source phone systems.… Read More ›

It's Back: $10.50 Buys an Incredible PBX in the Cloud For Life... If You Hurry

It’s Back: $10.50 Buys an Incredible PBX in the Cloud For Life… If You Hurry

Monday, March 14, 2016

1 comment

Embed from Getty Images In January, we began our new series on Cloud Computing by documenting how to build an awesome LAMP server in the Cloud using Linux. Today we’re again going to show you how to use the same Cloud platform and take advantage of the $10.50 coupon code TAKE70 to build an Incredible PBX in the Cloud FOR LIFE. When you’re finished, you’ll have a state-of-the-art Incredible PBX 13 server with hundreds of PBX features including free calling… Read More ›