Admin Security
Jump to navigation
Jump to search
Taking care of your server security is really important. Every day there will be people around the globe trying to hack in your system and stole thousand of dollars worth of traffic.
You have several instruments to try to avoid being hacked and to minimize the damage from a successful hacking.
Call Limits
Call limits is the last protection against a successful hacking episode. You can limit how much you are ready to pay if the credentials for an extension or an entire tenant are compromised.
- Extension daily call cost limit** allows you to set a maximal amount of money an extension can use in a single day (from 00:00 to 23:59). If this amount is reached, the extension cannot dialout and a message is shown beside his call history entry. If an extension is compromised, then hackers should be able to use only up to this amount of money. Take in mind it seems to be available in the wild a method to fool asterisk making it to believe a call has been hang up while instead it is still continuining to run on your provider, leaving this option completely useless.
- Tenant daily call cost limit** is the same as above, but extended to all extensions for the provider.
- Tenant monthly call cost limit** is the same as above, but over one month period.
- Route cost limit** is the maximum cost/minute allowed for a route destination. If a route destination has an higher cost, dialing it will be forbidden.
- Abuse Detection** enables a monitoring of international calls. If more than X calls to the same international number are placed in 300 seconds (5 minutes), the extension is blocked