Where should I block attackers

Features, capabilities, and information about SecAst
Post Reply
User avatar
CRM User
Posts: 174
Joined: Sun Nov 27, 2016 3:41 pm

Where should I block attackers

Post by CRM User » Tue Jan 10, 2017 1:50 pm

It seems easiest to block attackers at the PBX using iptables. Is that the best place to block?
Account for questions transferred from CRM system
User avatar
Telium Support
Posts: 234
Joined: Sun Nov 27, 2016 3:27 pm

Re: Where should I block attackers

Post by Telium Support » Tue Jan 10, 2017 1:55 pm

No. The best place to block attackers is at the network edge; i.e. at your firewall.

Although SecAst supports using iptables to block IP's at the PBX, it does so primarily for testing / prototypes / proof of concepts etc. In general you should not allow attackers that far into your network.

SecAst is designed to block attackers at the firewall, and is compatible with most firewalls through its event handler system. SecAst includes a sample event handler for the 'Mikrotik' and 'pfSense' firewalls, and these scripts can be modified for most other firewalls. We also invite customers to submit their firewall event handlers to become templates for other users.
Post Reply