[asterisk-biz] PBX got Hacked
Mike
list at virtutel.ca
Tue Mar 10 12:10:25 CDT 2009
>
> > I guess there should be some configurable options in Asterisk to cover
> > for that. Like 10 consecutive failed login attempts should invoke
> > asterisk to reply a login denied to that IP address and another option
> > that would allow for let's say 5 attempts in 5 minutes and then block
> > the extension for login.
> 1. Should this even be Asterisk's responsibility, when it can already be
> implemented w/ external tools that are much better suited to the task, are
> already well supported and work really well:
Should it? Not in an ideal world; as you suggest, external tools may be
better for this task and it might keep * decluttered of tangential features.
But not having this feature is just asking to be talked about, and in this
case bad publicity (as in "my VoIP company using Asterisk got hacked out of
250,000$" would not be good publicity IMO.
If anything, something in Asterisk-addons would be good enough.
Mike
More information about the asterisk-biz
mailing list