[Asterisk-bsd] Asterisk Security Questions

[Frank Griffith]

I have been noticing in my /var/log/asterisk/messages file that some a**holes are trying to break-in to my asterisk server. They are using some kind of brute force method that tries every four digit and three digit extensions available. Of course, they don't get in because the passwords used for my accounts are very cryptic. I'm not saying that's the only reason they don't get in, but it's probably the main reason they don't.
 
What is especially disturbing about this is that when trying every possible four digit combination they seem to be able to zero in on the one four digit user account that is on my asterisk server and then start brute forcing different passwords to acces the server. Once again, I want to state my sincere belief that there are so many wonderful challenges in this world to occupy one's time that I just don't understand the criminal or mischievious minds that want to take advantage of others. Still these a**holes are out there and will always be trying something.
 
My questions are:
 
1. How do they seem to zero in on the one valid user account that is present on my server? 
 
2. Is asterisk really that insecure?
 
3. My asterisk server is behind my firewall and I do port forwarding to allow access from outside users, like me from my office. I guess I'm going to have to lock down the asterisk ports only from certain IP addresses but that will limit my use when I'm traveling.
 
Any security suggestions would be appreciated. But even more would be some way to thwart these a**holes and send them packing.


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-bsd/attachments/20081004/a422c77c/attachment.htm