Manualshelf

User's Manual

ManualsBrandsPLANET Technology ManualsIP PBXInternet Telephony PBX System
111112113114115116117118119120
Table Of Contents
- 107 -
You may specify the service port number and the maximum packets to be accepted on this port number in a
certain time interval. Except the specified number of packets, more packets sent within the time interval will be
dropped by the IPPBX system.
Intrusion Detection and Prevention
Path: System -> Security Center -> IP Blacklist
IPPBX system uses Fail2Ban to perform intrusion detection. Fail2Ban is an intrusion prevention framework written
in the Python programming language. It works by reading Asterisk logs and some other logs in the IPPBX system,
and uses iptables profiles to block brute-force attempts.
There are 4 default intrusion detection and prevention rules to secure SIP, IAX2, Web and SSH services on your
IPPBX system. And by default all of them are activated to keep your IPPBX system safe.
Each of the intrusion detection and prevention rule is configured with a maximum Illegal Attempts and the
Observation time duration, once the Illegal Attempts reached the given value in the given Observation time
duration, the source IP address of where the illegal attempts coming from will be banned by the firewall for the
given time duration specified in Ban for field. Banned IP will be listed on the IP Blacklist page.
Besides the 4 default rules, if you want to add more rules you can do it on the Firewall page Auto Defense section.