[asterisk-biz] PBX got Hacked

Steve Totaro stotaro at totarotechnologies.com
Tue Mar 10 06:43:43 CDT 2009


On Tue, Mar 10, 2009 at 7:15 AM, Trixter aka Bret McDanel <
trixter at 0xdecafbad.com> wrote:

> On Tue, 2009-03-10 at 04:52 -0400, voip-asterisk at maximumcrm.com wrote:
> > Of course everyone running Asterisk can get 3 humans to monitor the logs
> > 24/7 for the signs of an attack.
> >
>
> well if they do it right they dont have to do that, but that does make a
> good argument of why no one should monitor their logs ever, oh wait no
> it doesnt.
>
>
>
> > Has anyone actually seen an attack with spoofed IPs anyways?
>
> yes, several in fact.  I even wrote a program that would "smurf" from
> asterisk and other platforms which relied on spoofed IPs to get the
> asterisk box to send data to the victim IP, so I am fairly certain that
> such things do exist.
>
>
> --
> Trixter http://www.0xdecafbad.com     Bret McDanel
> pgp key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x8AE5C721
>

I think nat=yes mitigates these security risks (and makes things MUCH easier
to configure and maintain.)

Logic seems sound and I have never had any issues with remote or local
phones, so I still vote nat=yes becomes the default.

http://www.mail-archive.com/asterisk-users@lists.digium.com/msg214006.html

-- 
Thanks,
Steve Totaro
+18887771888 (Toll Free)
+12409381212 (Cell)
+12024369784 (Skype)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-biz/attachments/20090310/42f9f6ae/attachment.htm 


More information about the asterisk-biz mailing list