vicidial.org

we were hacked and used our server to place calls, from what i heard using one of the extension which had registration ..what are best ways to protect against?
our engineers change the default dial prefix, http port 80 to another one ..would help complex extensions, different password registration?...what other measures?

thank you

Hi Sir.. Please use the yast firewall custom set up.. thats the best firewall to secure your system

Good Day,

Block all incoming traffic except for your IP's and block the most common ports from being accessed from outside of you network.

E.g. mysql port, ssh port, sip port, ftp port and http port.

this is just the best to use http://viciwiki.com/index.php/DGG

thanks gos to williamconley as he posted it to me

all so when adding in soft phones its all ways best to do this GH20B =username Cb23CGb =password
even in vicidial you can add in under agents and lock the agents to that softphone then do agents user and pass totaley difrent from the soft phone makes it all most impossible to login and if not all rdy Change the server Defalt password to somthink like this A@bcdtH_H27D@bba the longer the better {not the web admin 6666}

1) Whitelist Lockdown your server. Once that is done: No unauthorized IPs will be able to access your server.

2) Set good passwords for all your sip accounts and user accounts. This helps in case of a failure of 1) (even temporarily).

3) SIP accounts should NOT be "100" through "10000". They should be alphanumeric. This only involves the "extension" field under admin->phones. It does not affect the dialplan or extensions.

4) Do use the instructions available here http://viciwiki.com/index.php/DGG which include whitelist lockdown instructions. It also includes Dynamic Good Guys itself which is merely an add-on to allow easy addition of Authorized IPs and even a mobile link to self-add from outside the system. But that is not necessary, all you really need is the instructions for whitelisting.