[Asterisk-bsd] Securing Asterisk with a DID
Vahan Yerkanian
vahan at arminco.com
Mon Aug 30 13:38:37 CDT 2010
On 8/30/10 11:13 PM, Frank Griffith wrote:
> Well obviously there is a remote SIP connecting. But my server is not
> setup to allow any remote connections. According to the VOIP provider
> I've been brute force attacked yet Asterisk leaves no log information
> as to which account was logged into. Thus I'm still stuck trying to
> figure out what happened.
Let me repeat, the fact that you have _011X. in your [default] context
proves that your Asterisk installation is an open door to anyone to dial
it from a remote location without passing authentication, unless you
have permit/deny rules to block world.
Vahan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-bsd/attachments/20100830/db9736bd/attachment.htm
More information about the Asterisk-BSD
mailing list