[asterisk-biz] sipvicious ... Query about Asterisk / Database / Internet Security Consultancy

Gerrit Jacobsen gjacobsen at x164.com
Tue Apr 9 15:32:26 CDT 2013 

I forgot to mention sipvicious, a tool which is also used by hackers to find open machines.
svmap - this is a sip scanner. Lists SIP devices found on an IP range
svwar - identifies active extensions on a PBX
svcrack - an online password cracker for SIP PBX
svreport - manages sessions and exports reports to various formats
svcrash - attempts to stop unauthorized svwar and svcrack scans
https://code.google.com/p/sipvicious/

not to be confused with
http://en.wikipedia.org/wiki/Sid_Vicious


On Apr 4, 2013, at 6:55 PM, Carlos Ruiz Díaz wrote:

> SIP Server:
> 
> - Don't put your Asterisk server in the same host as your web portal. 
> - Enforce strong password policies for users.
> - If you accept INVITES for unauthenticated users, make sure you properly configure its host IP and prefix.
> - Put a Kamailio/openSIPS in front of both Asterisk and FS to better handle security and attacks attempts (pike module)
> 
> Web Portal:
> 
> - Update to the latest Apache and PHP.
> - If you're using an CMS, update to the latest stable version.
> - If it's your own development. Check for sql injection/XSS, etc. This is specially difficult because it depends on the developer programming skills.
> 
> Database:
> 
> - Your database shouldn't be publicly accessible, unless is strictly necessary (I shouldn't be).
> 
> 
> On Thu, Apr 4, 2013 at 12:46 PM, Matthew J. Roth <mroth at imminc.com> wrote:
> Gerrit Jacobsen wrote:
> >
> > You misunderstood. The idea is to put a honey-trap into the wild which cannot
> > make charged calls. Of course you must isolate it from the rest of your
> > network.
> >
> > Eventually he will anyway put the system into the wild, so better do it when
> > there is no risk of damage.
> 
> I'm not opposed to the idea of a honeypot as an additional layer of security,
> but it's not what I would suggest as the first line of defense to someone
> looking for a consultant to secure their Asterisk deployment.  Locking it down
> properly would require the same knowledge as securing the production setup and
> the risk is high if they make a mistake.
> 
> Regards,
> 
> Matthew Roth
> InterMedia Marketing Solutions
> Software Engineer and Systems Developer
> 
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-biz
> 
> 
> 
> -- 
> Carlos
> http://caruizdiaz.com
> +595981146623
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-biz

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-biz/attachments/20130409/6d0d8560/attachment.htm>

More information about the asterisk-biz mailing list