We received the following notice from Allworx regarding a widely dispersed denial of service attack against Allworx systems. Indeed, several of our systems required a reboot this morning. We are developing a stricter firewalling plan. Since there are no details to go on here, would someone please share your approach to firewalling your Allworx systems, assuming they are publicly routeable and were not affected? Thank You. From: Allworx Marketing [mailto:allworxmarketing at allworx.com] Sent: Tuesday, April 08, 2014 1:17 PM To: <removed> Subject: Allworx Technical Support Advisory Allworx Technical Support Advisory Last night, a number of installed Allworx servers were subject to what closely resembles a denial of service attack from an unknown source. These events do not appear to be focused on a specific service provider or Allworx software release but can result in an Allworx system becoming unresponsive. We have mobilized all of our technical resources to investigate the specific nature of these attacks. If you, or any of your installed customers, are experiencing outages that appear to be the result of a denial of service attack, please be advised that a reboot of the server will typically restore the server to full operational status. * Per our Technical Support department, the correct process to reboot the server is to press the power button on the server for more than one second - but not more than 4 seconds. The server will start its shutdown process and the power light blinks green to confirm it is powering down. Please allow sufficient time for the server to complete its power down cycle. Depending on the server, this process will vary in length of time from a few seconds to a few minutes. After several minutes, if the server has not properly shutdown, you can force a shutdown by holding the power button for more than 5 seconds or pulling the AC power cord. Caution: Rebooting the server this way could cause database corruption conditions causing further service disruption. Start the server by pressing the power button for more than one second. The server will restart, and methodically start the process to register the phones. Depending on the size of the system and number of handsets this process will take several minutes. We apologize for any inconvenience to you and any of your customers who may be affected. We are working diligently to determine the source of these attacks and mitigate their impact on our system. You will receive additional updates as we learn more. -- Dan White