who had used webphone in freePBX
-
@Dashrender said:
While I understand the thought process here, Have you seen successful attacks on this vector? Completely disabling this does limit some pretty cool options - like VOIPER on your phone acting like a PBX phone.
Through forwarded ports? Yes.
-
@scottalanmiller said:
@Dashrender said:
While I understand the thought process here, Have you seen successful attacks on this vector? Completely disabling this does limit some pretty cool options - like VOIPER on your phone acting like a PBX phone.
Through forwarded ports? Yes.
Yes, through forwarded ports - I can think of nearly no reason to put something directly on the public internet.
Though - that brings up a question - how do you secure cloud services when you buy a server through them? Correct me if I'm wrong, you are pretty much stuck with only using the built-in software firewall on the server, right? Or paying some additional fee for them to NAT/firewall you, if that's even an option.
-
@Dashrender said:
Though - that brings up a question - how do you secure cloud services when you buy a server through them?
Cloud services are not yours to secure.
I assume that you mean "how do you secure a cloud computing instance of IaaS?"
-
@Dashrender said:
Though - that brings up a question - how do you secure cloud services when you buy a server through them? Correct me if I'm wrong, you are pretty much stuck with only using the built-in software firewall on the server, right? Or paying some additional fee for them to NAT/firewall you, if that's even an option.
Different topic IMO, but basically if it is SSH, then you disable password log in and require keys.
For other services, restrict to IP is possible. Finally, long passwords.
-
@Dashrender said:
Correct me if I'm wrong, you are pretty much stuck with only using the built-in software firewall on the server, right? Or paying some additional fee for them to NAT/firewall you, if that's even an option.
If you mean cloud IaaS like Amazon or Rackspace then.... you buy a firewall. With RS, as an example, you get both Cisco Firewall and F5 LoadBalancers to sit in front of your workloads if you want. Plus you typically would build your own application layer that sits in front of other workloads too.
-
@JaredBusch said:
You are wanting to pay for everyone to call whoever they want?
No, the webphone will be able to call only my internal extension (customer service agent's phone) not any number
-
in the HTML code you can remove the keypad and keep only one button (Call Us) kind of pilot number and then the call will be forwarded to all of our agents (set up a dial plan for incoming calls from the webphone to extension 401,402,403...)
-
Have you found a good third party web code option yet?
-
@scottalanmiller said:
Have you found a good third party web code option yet?
Not yet, but i found an option called webRTC in freePBX, it is not a webphone but similar in some sort
-
-
@IT-ADMIN said:
No, the webphone will be able to call only my internal extension (customer service agent's phone) not any number
I realize that. But as I said, it is only s single misconfiguration from an open system. Or even a single PHP/Perl/Javascript exploit away.
