In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. As clarification, DDoS (Distributed Denial of Service) attacks are sent by two or more persons, or bots. (See botnet) DoS (Denial of Service) attacks are sent by one person or system.
The standard definition of a DDoS attack is listed above from Wikipedia, and unfortunately this is just the world we live in. DDoS attacks happen all the time, some for no reason at all. PBX systems are no different than anything else on the internet. Today we experienced an issue with one of our Allworx PBX systems. The official event in the log is:
04/07/2014 06:40:42am tSysTask: TASK Sys: Memory stats: 134180 bytes available (max block 15692)
Now this log doesn’t look like much but essentially this is the after effects of a DDoS attack causing memory leaks on the Allworx PBX system. All PBX systems in the industry are no different in that they are all open at some point to DDoS attacks. For a breakdown of how Telecom Solutions protects the Allworx PBX see our article on Important Security Best Practices.
TSI is pleased to provide everyone with our thoughts on the recent changes to the 18.104.22.168 release that is now available for your Allworx systems.
While there was a lot of changes made to the system software a majority of the changes happen to be primarily Administrative instead of end user. However, there was some things to note in the Allworx Release 22.214.171.124, specifically in regards to known issues that we believe our customer base should be aware of.
- Call transfers from 1 POTS Line to another POTS Line is not supported – While this known issue has been a problem for a while, it is of something to mention as this scenario could happen more often than not.
And that is pretty much it in regards to the Allworx Release 126.96.36.199. Looking to upgrade your current Allworx to this release? Need help understanding if 188.8.131.52 is right for you? More questions about this release? Contact us today for more information!
DoS (Denial of Service) attacks – Constant “Ping” or an attack that can cause your system to shut down In minor cases the powering down and back up of your system will restore service. In worse case scenarios an attack can plant a virus in the system causing it to shut down multiple times and or permanently. If this happens it normally requires a complete system restore.
Port Scanning – Perpetrators “scan” ports on network devices looking for a way in. International Toll calls – Access gained through phone system allowing perpetrators to place Long Distance and or International Toll Calls. In worse case scenarios an attack can plant a virus in the system causing it to shut down multiple times and or permanently. If this happens it normally requires a complete system restore.
STEPS TO IMPROVE SECURITY:
- Enable the phone system Maintenance VPN for remote access.
- Change the Administrator Password.
- Enable NAT Firewall with Stealth DMZ within the Allworx server to help limit Ping attacks. (Additional firewall protection is recommended)
- pdate the system to the latest software version designed to improve security.
- Change Phone Admin Passwords.
- Change Plug N Play key Passwords for remote phones.
- Disable ability to set up remote phones unless needed.
- Coordinate efforts with your IT administrator or vendor to make changes on their firewall device or software where possible.
- Make mailbox passwords more secure than 1234!
- Be sure your anti-virus/malware is up to date on your LAN.
- Request your IT administrator to be sure there are no unnecessary ports exposed on your Firewall device or software.
- Be sure remote phone users are protected by a firewall.
- Install the “Warp” firewall – Click here to see the brochure. Call or email for pricing
IMPORTANT! PLEASE DO NOT undertake any of these recommendations without notifying us. It is important that no changes are made that could prevent us from getting to the phone server, or prevent use in general.
If you suspect any Toll fraud or are notified by your voice service provider please notify us right away.
Remember for those customers covered by our Pinnacle managed service program we will perform these services at no additional cost to you!
Pinnacle plan also covers all software updates and remote back up of phone system programming!
For additional information on our Pinnacle plans or to open a ticket to have us perform the items listed above please fill out the form below along with specific request. We can also be reached at (303) 526-1154 or (719) 266-377.
Additional Links For More Information:
Thank you for trusting us with your phone system needs.
Do you have the most current software for your Allworx phone system?
Allworx System Software 7.5 builds on the rich history of Allworx product enhancements that has resulted in the popularity of the Allworx family of IP PBXs.
This upgrade includes feature and security upgrades as well as Allworx Reach, a SIP mobile phone client designed to run on Apple iOS (iPhone) and Android phones.
Please review the information below for more details.
For customers who have selected our Pinnacle Maintenance Program, all software updates along with remote backup of your Allworx system are included as part of the program.
FOR MORE INFORMATION PLEASE FILL OUT THE FORM BELOW:
* required field