[Asterisk-bsd] Securing Asterisk with a DID

Frank Griffith glassdude45 at yahoo.com
Mon Aug 30 14:16:27 CDT 2010


Ok, so let me see if I understand this now....

someone could have done something like this from their SIP phone or Asterisk
console

dial/SIP/my_IP_ADDRESS/01159721232

and my dial plan of course let them out because I'm a lazy hack who hasn't yet 
tightened up on the security. Honestly, I've read TFOT volume 2 many times and 
never would have known it would be that easy. I am working on tightening up the 
dial plan now. It's been working for me for several years now but only in the 
last few weeks did anything go wrong.




________________________________
From: Vahan Yerkanian <vahan at arminco.com>
To: Asterisk on BSD discussion <asterisk-bsd at lists.digium.com>
Sent: Mon, August 30, 2010 2:38:37 PM
Subject: Re: [Asterisk-bsd] Securing Asterisk with a DID

On 8/30/10 11:13 PM, Frank Griffith wrote:
> Well obviously there is a remote SIP connecting. But my server is not set up to
> allow any remote connections. According to the VOIP provider I've been brute
> force attacked yet Asterisk leaves no log information as to which account was
> logged into. Thus I'm still stuck trying to figure out what happened.

Let me repeat, the fact that you have _011X. in your [default] context proves
that your Asterisk installation is an open door to anyone to dial it from a
remote location without passing authentication, unless you have permit/deny
rules to block world.

Vahan



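The hole Vahan describes, and one way to close it, as an added configuration example that is not from either poster's system. It contrasts a [default] context that routes the _011X. pattern to a trunk (reachable by unauthenticated SIP guest calls when allowguest is on and peers are not given their own context) with a layout where only authenticated peers can reach the trunk. The trunk name my_provider, the peer name 1001, the secret and the LAN range are placeholders; allowguest, alwaysauthreject, context, permit and deny are standard chan_sip options.

```ini
; ===== extensions.conf: the weak layout discussed in the thread =====
[default]
; chan_sip drops unauthenticated ("guest") calls into [default] unless told
; otherwise, so this single line turns the box into an open international relay.
exten => _011X.,1,Dial(SIP/${EXTEN}@my_provider)   ; my_provider: placeholder trunk

; ===== extensions.conf: corrected =====
[default]
; Anything unauthenticated or unmatched lands here: log it and reject it.
; No Dial() to any trunk exists in this context.
exten => _X.,1,NoOp(Rejected unauthenticated call to ${EXTEN} from ${CHANNEL})
exten => _X.,2,Hangup(21)      ; Q.931 cause 21: call rejected

[internal]
; Only peers that authenticated and were explicitly given context=internal
; can reach the international route.
exten => _011X.,1,Dial(SIP/${EXTEN}@my_provider)
exten => _011X.,2,Hangup()

; ===== sip.conf: corrected =====
[general]
allowguest=no               ; refuse calls from sources that do not authenticate
alwaysauthreject=yes        ; identical rejection for unknown user and bad password
context=default             ; anything that still slips through gets the trunk-less context

[1001]                      ; placeholder phone account
type=friend
secret=CHANGE_ME_placeholder
context=internal            ; this authenticated peer, and only it, reaches [internal]
deny=0.0.0.0/0.0.0.0        ; ACL: deny everything ...
permit=192.168.1.0/255.255.255.0   ; ... then allow only the example LAN (adjust)
```

The key property is that no context reachable without authentication contains a Dial() toward the trunk; allowguest=no and the permit/deny ACL are additional layers, not a substitute for that. After editing, `sip reload` and `dialplan reload` from the Asterisk console apply the change, and `sip show peers` confirms which peers carry the internal context.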