I am looking for advice on best practices. I have had 3 Allworx systems hacked and a number of international calls were made. Some of this is to put my mind at ease because I am changing a lot of settings in the systems. Example; phone admin password gets changed, admin password gets changed, no access to outside lines in voicemail, phones are unable to create via WAN, VPN is used for remote management, etc. Two systems were hacked when a customer put a remote Allworx handset outside of a firewall, and one system had a Grandstream gateway hacked that was on the local network (only Allworx handsets are outside). I am trying to come up with a white paper so I need program items I can change that will work. For instance, has anyone tried to change from the standard SIP port of 5060? Sorry no suggestions. However, any stories that are shared would be appreciated since that often shows where the hack comes from. Thank you.