<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman, new york, times, serif;font-size:12pt"><DIV>Thanks. I'm still a novice at hardening my asterisk system. I never had any trouble until recently. I think someone found my DID number and that's what the source of the hack is, not actually through my asterisk server. But the VOIP provider is convinced that's how it happened. But wouldn't the /var/log/asterisk/cdr-cvs/Master.csv file show which extension they used. And I'm not seeing any of the illegal calls being logged with an extension in my asterisk sip.conf file. They are logged with an IP address...which again I don't know how to interpret other than running a whois and seeing that alot of them originate from Amsterdam.</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV style="FONT-FAMILY: times new roman, new york, times, serif; FONT-SIZE: 12pt">
<DIV style="FONT-FAMILY: arial, helvetica, sans-serif; FONT-SIZE: 13px"><FONT size=2 face=Tahoma>
<HR SIZE=1>
<B><SPAN style="FONT-WEIGHT: bold">From:</SPAN></B> Tim St. Pierre <tim@communicatefreely.net><BR><B><SPAN style="FONT-WEIGHT: bold">To:</SPAN></B> Asterisk on BSD discussion <asterisk-bsd@lists.digium.com><BR><B><SPAN style="FONT-WEIGHT: bold">Sent:</SPAN></B> Sun, August 29, 2010 9:07:07 PM<BR><B><SPAN style="FONT-WEIGHT: bold">Subject:</SPAN></B> Re: [Asterisk-bsd] Securing Asterisk with a DID<BR></FONT><BR>-----BEGIN PGP SIGNED MESSAGE-----<BR>Hash: SHA1<BR><BR>You mean, you didn't before?<BR><BR>I wouldn't really call them a terrorist if there was nothing stopping them from dialing through your<BR>system. Oppertunist, unscrupulous perhaps. Terrorists generally try to cause mass destruction or<BR>panic in a large group of people.<BR><BR>At any rate, it isn't hard.<BR><BR>You could use vm_authenticate, which will authenticate based on the voice mail password, or just<BR>plain authenticate.<BR><BR>You should also do some pattern
matching on the numbers that are input, before the call is sent back<BR>out. Do you really need to call anywhere in the world, or just certain places? You could restrict<BR>the destinations, which might save you if someone figures your password out.<BR><BR>- -Tim<BR><BR>Frank Griffith wrote:<BR>> I have a DID with a VOIP provider which has worked pretty well. Until<BR>> some terrorist of some one of similar liking discovered it and used up<BR>> all my credits calling Israel, Morroco and Cuba. I would like to find<BR>> out how to be able to setup this DID so that only I could call into it<BR>> and access my service for making outside calls. I could disable this all<BR>> together but then that defeats my reason for needing the DID in the<BR>> first place. Is there a way to perhaps password protect this, that is<BR>> when I call in I have to enter a password before being allowed to dial out?<BR>> <BR>> <BR><BR>-
--<BR>Tim St. Pierre<BR>IP Voice technician<BR>Communicate Freely<BR>1-877-291-8647 x5101<BR>sip:<A href="mailto:5101@communicatefreely.net" ymailto="mailto:5101@communicatefreely.net">5101@communicatefreely.net</A><BR><A href="mailto:tim@communicatefreely.net" ymailto="mailto:tim@communicatefreely.net">tim@communicatefreely.net</A><BR>-----BEGIN PGP SIGNATURE-----<BR>Version: GnuPG v1.4.10 (FreeBSD)<BR>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org<BR><BR>iJwEAQECAAYFAkx7BDoACgkQipVy80Kcc6voswP8DsAyhk4DN4AXSGvDP3fg8pUl<BR>DVM/oUJn2EhWbJPVn8FmLm1E1f3rmtNcAbVVgu69PKRVmyFyM63QWyePRNNQOhVM<BR>P/d11vW9yqdN8H88cFqixekUgF1z/MQnHsriACSCDXV1VUZlbCIC6iP+ZzrYUYXF<BR>y2ChiJba32Bs5vQuTwo=<BR>=K/xS<BR>-----END PGP SIGNATURE-----<BR><BR>-- <BR>_____________________________________________________________________<BR>-- Bandwidth and Colocation Provided by http://www.api-digital.com --<BR><BR>Asterisk-BSD mailing list<BR>To UNSUBSCRIBE or update options
visit:<BR> http://lists.digium.com/mailman/listinfo/asterisk-bsd<BR></DIV></DIV></div><br>
</body></html>