[Asterisk-bsd] Securing Asterisk with a DID
Vince Vielhaber
vev at michvhf.com
Mon Aug 30 14:22:38 CDT 2010
On Mon, 30 Aug 2010, Frank Griffith wrote:
> Ok, so let me see if I understand this now....
>
> someone could have done something like this from their SIP phone or asterisk
> console
>
> dial/SIP/my_IP_ADDRESS/01159721232
>
> and my dial plan of course let them out because I'm a lazy hack who hasn't yet
> tightened up on the security. Honestly, I've read TFOT volume 2 many times and
> never would have known it would be that easy. I am working on tightening up the
> dial plan now. It's been working for me for several years now but only in the
> last few weeks did anything go wrong.
Exactly. And once it was discovered, whoever discovered it made it
a point to tell everybody they know.
Vince.
--
Michigan VHF Corp. http://www.nobucks.net/ http://www.CDupe.com/
More information about the Asterisk-BSD
mailing list