Potential Threats:
DoS (Denial of Service) attacks – Constant “Ping” or an attack that can cause your system to shut down In minor cases the powering down and back up of your system will restore service. In worse case scenarios an attack can plant a virus in the system causing it to shut down multiple times and or permanently. If this happens it normally requires a complete system restore.
Port Scanning – Perpetrators “scan” ports on network devices looking for a way in. International Toll calls – Access gained through phone system allowing perpetrators to place Long Distance and or International Toll Calls. In worse case scenarios an attack can plant a virus in the system causing it to shut down multiple times and or permanently. If this happens it normally requires a complete system restore.
STEPS TO IMPROVE SECURITY:
- Enable the phone system Maintenance VPN for remote access.
- Change the Administrator Password.
- Enable NAT Firewall with Stealth DMZ within the Allworx server to help limit Ping attacks. (Additional firewall protection is recommended)
- pdate the system to the latest software version designed to improve security.
- Change Phone Admin Passwords.
- Change Plug N Play key Passwords for remote phones.
- Disable ability to set up remote phones unless needed.
- Coordinate efforts with your IT administrator or vendor to make changes on their firewall device or software where possible.
- Make mailbox passwords more secure than 1234!
- Be sure your anti-virus/malware is up to date on your LAN.
- Request your IT administrator to be sure there are no unnecessary ports exposed on your Firewall device or software.
- Be sure remote phone users are protected by a firewall.
- Install the “Warp” firewall – Click here to see the brochure. Call or email for pricing
IMPORTANT! PLEASE DO NOT undertake any of these recommendations without notifying us. It is important that no changes are made that could prevent us from getting to the phone server, or prevent use in general.
If you suspect any Toll fraud or are notified by your voice service provider please notify us right away.
Remember for those customers covered by our Pinnacle managed service program we will perform these services at no additional cost to you!
Pinnacle plan also covers all software updates and remote back up of phone system programming!
For additional information on our Pinnacle plans or to open a ticket to have us perform the items listed above please fill out the form below along with specific request. We can also be reached at (303) 526-1154 or (719) 266-377.
Additional Links For More Information:
http://en.wikipedia.org/wiki/Denial-of-service_attack
http://www.networkworld.com/news/2011/100411-ddos-voip-251553.html
http://www.securityweek.com/dhs-warns-telephone-denial-service-tdos-attacks
Thank you for trusting us with your phone system needs.
Ron