PBX Cyberattack survival KIT

glitchlist Blog Leave a Comment

Installing a PBX in your company represents a technological evolution that allows you to dynamically expand your voice services.
But this evolution must be managed, maintained and secured. Because of a lack of security, malicious attacks on PBX plants can block a company’s voice services.

Below you will find a list of activities to follow to avoid as much as possible a cyber attack on your PBX.

  • Check your PBX (Cisco, Asterisk, whatever…) has the latest firmware and the last security patch availables.
  • Change default passwords!!!
  • Disable all unnecessary services like telnet, SNMP v1, HTTP and enable strong authentication on maintenance connection lite ssh, https, SNMP v2c/3
  • Enable PBX logging to search for Network/Calls suspicious traffic
  • In a VoIP environment, crypt end-to-end traffic between phones and PBX
  • Don’t expose PBX on the public Internet and if you have to do it restrict traffic with other trusted PBX
  • Mobile users must access to PBX resources via IPSEC/HTTPS tunnel!

hope this help!

.glitchlist crew

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.