MikeTheSpike
Technical User
I have just setup a test IP Office 9.1.400 VM using eth0 connecting internally and eth1 for public internet.
This is so I can use the mobile client and desktop Communicator features of this platform properly out in the public.
I have been watching my IP Office System Status and have noticed several failed registration attempts in the Service Configuration alarms.
One one occasion I also noticed someone had used IP Office Manager from outside the network to try access my IP Office. I have his IP address now.
Anyone else have any similar security issues?
I am an IP Office newbie and by no means a dictator of security in any way and usually try building as per default working spec, but I am interested to find if anyone if anyone else has an easy possible solution to the security issues associated. Or are there features in IP Office I am missing?
I know IP Office eth1 will get hit from all sides since it is public, so I built a virtual transparent bridge in front of public IP Office to see who is trying to get in on what ports. Then I can do selective dropping and logging there before the bridge traversal into my IP Office.
So far this is working for me as I don't seem to get anymore login attempts and failures.
Peace
This is so I can use the mobile client and desktop Communicator features of this platform properly out in the public.
I have been watching my IP Office System Status and have noticed several failed registration attempts in the Service Configuration alarms.
One one occasion I also noticed someone had used IP Office Manager from outside the network to try access my IP Office. I have his IP address now.
Anyone else have any similar security issues?
I am an IP Office newbie and by no means a dictator of security in any way and usually try building as per default working spec, but I am interested to find if anyone if anyone else has an easy possible solution to the security issues associated. Or are there features in IP Office I am missing?
I know IP Office eth1 will get hit from all sides since it is public, so I built a virtual transparent bridge in front of public IP Office to see who is trying to get in on what ports. Then I can do selective dropping and logging there before the bridge traversal into my IP Office.
So far this is working for me as I don't seem to get anymore login attempts and failures.
Peace