[Asterisk-bsd] Securing Asterisk with a DID
Frank Griffith
glassdude45 at yahoo.com
Mon Aug 30 14:16:27 CDT 2010
Ok, so let me see if I understand this now....
someone could have done something like this from their SIP phone or asterisk
console
dial/SIP/my_IP_ADDRESS/01159721232
and my dial plan of course let them out because I'm a lazy hack who hasn't yet
tightened up on the security. Honestly, I've read TFOT volume 2 many times and
never would have known it would be that easy. I am working on tightening up the
dial plan now. It's been working for me for several years now but only in the
last few weeks did anything go wrong.
________________________________
From: Vahan Yerkanian <vahan at arminco.com>
To: Asterisk on BSD discussion <asterisk-bsd at lists.digium.com>
Sent: Mon, August 30, 2010 2:38:37 PM
Subject: Re: [Asterisk-bsd] Securing Asterisk with a DID
On 8/30/10 11:13 PM, Frank Griffith wrote:
Well obviously there is a remote SIP connecting. But my server is not setup to
allow any remote connections. According to the VOIP provider I've been brute
force attacked yet Asterisk leaves no log information as to which account was
logged into. Thus I'm still stuck trying to figure out what happened.
>Let me repeat, the fact that you have _011X. in your [default] context proves
>that your Asterisk installation is an open door to anyone to dial it from a
>remote location without passing authentication, unless you have permit/deny
>rules to block world.
Vahan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-bsd/attachments/20100830/a0ec83de/attachment.htm
More information about the Asterisk-BSD
mailing list