[asterisk-biz] Hacker's attack on Asterisk by thses addresses "66.7.197.76" and "200.90.72.141"
Steve Totaro
stotaro at totarotechnologies.com
Sun Sep 6 20:47:55 CDT 2009
On Sun, Sep 6, 2009 at 7:50 PM, Faiz Rehman <faiz_grw at yahoo.com> wrote:
> Hi
>
> IMy asterisk has been hacked my this IP "66.7.197.76". When i blocked this
> ip from Linux Firewall then he tried to attack from 2nd IP "200.90.72.141".
> He fhound one my extension with a weak password and started dialing out.
> Thanks
>
> Faiz
>
>
> Since this is the biz list, I would expect that you are an ITSP? Why not
only allow customer IPs and block the rest.
If you cannot do that, why not add a alpha character to your extensions.
Instead of 101, make it z101 or whatever.
Bottom line, don't have weak credentials or firewall rules.
--
Senior Systems and Network Administrator
Triple Canopy, Inc.,
2250 Corporate Park Drive, Suite 300
ph. +1.703.673.5191
mob.+1.240.938.1212
FAX.+1.703.673.1279
steve.totaro at triplecanopy.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-biz/attachments/20090906/77eb5c82/attachment.htm
More information about the asterisk-biz
mailing list