Security Issue Reloved?

VitalPBX Community Support General Discussion Security Issue Reloved?

  • Post
    david500
    Participant
    Up
    0
    Down
    We found a forum post below and were wondering is this issue has been resolved in the latest release?

    <b>A Word About Security.</b> VitalPBX includes both an IPtables firewall configurator for firewalld and a Fail2Ban intrusion detection setup that is impressive. Having said that, the IPtables firewall is activated but allows unrestricted SIP and web access with no rules to thwart SipVicious-style attacks. Unless you’re an expert in firewall design, we strongly recommend deployment of VitalPBX on a private LAN behind a hardware-based firewall or home router with no port forwarding. That will block intrusion attempts without encountering NAT problems which VitalPBX and Asterisk 13 now handle with ease.

    0
Viewing 2 replies - 1 through 2 (of 2 total)
  • Replies
    Up
    0
    Down
    Yes, On the latest versions of VitalPBX blocks the IP addresses of commons attackers by default, also, some automatized attackers like “SipVicious”, “sipcli”, “pplsip”, “sip-scan”, “friendly-scanner”, and so on.
    1
    david500
    Participant
    Up
    0
    Down
    Awesome, thank you Jose!
    0
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security Issue Reloved?’ is closed to new replies.