So, I have had a new Rentpbx host up for a few months, and I installed and secured it with Travelinman3 even before I let Asterisk start running. Or more correctly before I restarted it, after the install as the install does leave it running, so my first step was to shut it down hard and then block everything in iptables except SSH port 22 till I had time to install TM3, or more correctly identify the necessary endpoints and install TM3. Now TM3 is up, but I closed most of the trusted ports as well an just left the specific permits / providers I need for this opened with FQDNs. Now Asterisk seems happy. At least it is passing all the test traffic so far.
That done, I am thinking about various tools I might use to scan the RentPBX instance / host IP for open ports / exposures on a regular basis and thought I would ask what others have done ahead of me.
This is my first box in the cloud / not behind a FW.
============
That done, I am thinking about various tools I might use to scan the RentPBX instance / host IP for open ports / exposures on a regular basis and thought I would ask what others have done ahead of me.
This is my first box in the cloud / not behind a FW.
============
Phone System 