[asterisk-users] aSTERISK / Vicidial systems over 4MB fiber

Mark Adams admin at infinity-marketing.com
Thu Jun 12 03:23:46 CDT 2008


I appreciate the responses thus far, but I am looking to find out what type
of security I should implement for the future. Being new to Linux, not to
mention Asterisk, I didn't realize that someone could brute force into the
box and upload crap. With that in mind, it seems that I would want to get a
hardware firewall such as a HotBrick or a SonicWALL firewall.

My situation seems unique because I am not using a router even at this
point. I was given a sheet of IP addresses and was told just to provision my
devices with the given IPs and they would handle the rest. My devices are
hooked directly to their switch in my location.

This hasn't been an issue up until now because I only had analog (Mediatrix
and AudioCodes 24 port gateways x 4) connected to the switch. Now I am going
to a software based dialer (i.e. Asterisk/Vicidial) and have run into these
problems.

Thanks again, 

Mark 



-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Steve Edwards
Sent: Wednesday, June 11, 2008 11:25 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber

On Wed, 11 Jun 2008, Mark Adams wrote:

> (I know there are security issues as there have been additional users
> created on my server and IRC junk was put in the home folder)

If the box has been compromised, the only recourse is to erase the drives 
and start over. You can't trust anything on the box.

Off the top of my head, this is how I would approach the problem.

1) Identify how the box was compromised. (A client box was recently (last 
30 days) hacked. It was an old AAH installed by the client. The hacker 
used the default password on the admin account to exploit a buffer 
overflow in crond to gain root.)

2) Save any essential data -- and only the data, no executables.

3) Take the box off the Internet.

4) Boot DBAN and let it do its thing.

5) Install a minimal OS from CD/DVD.

6) Clean up after the install -- turn off services, delete users, delete 
packages, add packages, etc.

7) Bring up to current patch level from your private repository.

8) Expose the box to the Internet.

9) Cross your fingers and actively monitor the box.

Thanks in advance,
------------------------------------------------------------------------
Steve Edwards      sedwards at sedwards.com      Voice: +1-760-468-3867 PST
Newline                                             Fax: +1-760-731-3000
