What should be the qualifications before installing vicidia

Any and all non-support discussions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

What should be the qualifications before installing vicidia

Postby B.lee2 » Sat Feb 16, 2013 10:42 pm

...for other people?

I can install vici but I must admit I don't have a lot of experience espescially in linux security. Plus my knowledge of networking is kind of limited, I know the basics but I don't know how to program a cisco switch or router.I can get people who can do it for me, but it's really not my forte.

I have confidence in my sales ability, that's not the problem. I know people in telemarketing that even if I setup something really basic without a PBX or fancy features, they'll be real happy. Simply because they don't know squat about computers.

I can follow the instructions about hardening vici on this forum,

but to paraphrase Donald Rumsfeld

beyond this, "I don't know what I don't know".

So what should I be really be comfortable in before doing this for other people? And (most importantly) how can I cover my behind if something goes wrong or some superhacker for some reason gets past the switch/router security and start messing around the LAN?

Honestly, I kind of like goofing around with vicidial, I am considering it as a sideline but I just want to know if it's something that I can realistically pursue or if I have the time to do so
Vicibox Redux v3.1.14 from iso | Vicidial 2.4-355a BUILD 120118-2113 | Asterisk 1.14.39.2| Single Server | No Digium/Sangoma Hardware | No Extra Software After Installation | No clue what the motherboard is | Intel Pentium(R) 4 CPU 3.00 Ghz
B.lee2
 
Posts: 116
Joined: Mon Dec 19, 2011 1:25 pm

Re: What should be the qualifications before installing vici

Postby Vince-0 » Mon Feb 18, 2013 2:37 am

As with any F/LOSS project, get budget to include commercial support. That way you have an escalation point if you get stuck. Get the manuals, especially the manager's manual for functionality.

Core competencies should include Asterisk troubleshooting, security as well as MySQL scaling troubleshooting. The easiest way to get hacked is to have an open Asterisk server exposed to the Internet and so your SIP accounts will start being brute-forced - get to know your firewall/network, logs and fail2ban.
You should be comfortable with backups and restoring so that you have something to fall back on should there be a problem with the data.
--
Vin
Vince-0
 
Posts: 272
Joined: Fri Mar 02, 2012 4:27 pm
Location: South Africa

Re: What should be the qualifications before installing vici

Postby williamconley » Mon Feb 18, 2013 4:43 pm

Security is simple: Whitelist access. This requires closing all the ports opened by the installer (yast firewall, be sure to close the individual ports opened in "Advanced"). Then you add "approved IPs" in the "custom" section. At that point, only users with authorized IPs can SEE the server. It is also a good idea to use the configuration files to disable PING and port 113. I've posted these instructions a few times.

We also have a product called "Dynamic Good Guys", which we need to sell only one more time before we have our investment back and can release it to the Vicidial forums. We'll give a copy to Kumba and see if he will include it, but our installer is fairly simple to use even if it isn't included. This app allows easy addition of IPs to the allowed list as well as "Dynamic" remote agent access with a (required) special link (Ideal for iPad access from Starbucks as well as home-based agents whose IP address changes regularly).
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
williamconley
 
Posts: 20258
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 18 guests