I understand the attack before everything is installed. I have some questions about the security in incredible PBX...
1> What ever happened to the code where you could lock out by country? Was that found to be flawed? It seemed to work very well for me..
2> I've had an older, production PIAF at RentPBX since they started the business. I have a lot of users, all over the country. I use VERY strong passwords. Yeah, I get a lot of SSH attempts. I run the web server on an odd port. Since I've started, I had one security breach -- not on the PBX -- on a forgotten temp subaccount on voip.ms. Luckily, their alarms and caught it within a few minutes, and I got rid of the account. You have to be extremely diligent with passwords! Anyway, my point being is I have no port knocker or extremely locked down PBX and it's been great.
3>So, is there a way to set up Incredible PBX so it is not so locked down? I'm not a firewall expert, but I'm sure I can edit the rules.
What i'd like is: no anonymous access, if still available, the geo-based ip locking.
The purpose being: I want to send a ip phone or ATA to a customer/family/fried and not have to know what IP they will be accessing from. Sometimes the client is mobile/laptop around the world (except China) and I'd still like to provide that access.