[asterisk-users] Security issue

Sun Feb 8 08:30:27 CST 2009

What distribution are you using? Below is a tutorial from the ubuntu 
site but it should give you the basics of setting up iptables rules. I 
have created custom rules for all my servers and the amount of junk 
traffic has been dramatically reduced.

Good Luck!!

https://help.ubuntu.com/community/IptablesHowTo

Jim

Eric Fort wrote:
> use IP tables and start with deny all.  Follow this by allowing only
> the protocols/ports you want and only the source/destination ip's you
> wish to allow.  these can be combined to say allow ssh from anywhere
> but only allow sip (and it's range of ports) to/from a very limited
> set of ip's belonging to say your ITSP.  for users that move about a
> bunch they can use vpn to an allowed subnet.
>
> Eric
>
> On Sat, Feb 7, 2009 at 5:47 PM, oumar ndiaye <ondiaye at antg.com> wrote:
>   
>> David,
>> Thanks in advance. Where do I change the user/peers definition? Is it in the
>> firewall of the OS? In that case that won't work because the server host
>> other services such as ssh http that are open to any IP as long as the user
>> has the correct credentials. Doesn't asterisk itself has built in security
>> filters?
>>
>> If the only choice is to do in the OS's firewall, then I will need to
>> include the port numbers of SIP, IAX in my firewall rules. In this case,
>> which ports should I block to keep unwanted SIP/IAX connections from
>> specific IP's.
>> Thanks.
>>
>> On Sat, Feb 7, 2009 at 9:29 AM, David fire <ddfire at gmail.com> wrote:
>>     
>>> you have many options but you should use it together.
>>> firewall
>>>
>>> in the user/peers definitions add host=<ip>
>>> and/or
>>> deny=0.0.0.0/0.0.0.0
>>> permit=<ip>/<mask>
>>>
>>> change the ip of your server.
>>>
>>> use something like ossec to avoid force brute.
>>>
>>> David
>>>
>>> 2009/2/6 oumar ndiaye <ond4444 at gmail.com>
>>>       
>>>> Is there a way to restrict connection to my asterisk server to users
>>>> based on their IP addresses, and not just password. I have some hackers who
>>>> connect to my server to make illegitimate solicitation calls to people. I
>>>> had to shutdown the server for now until I find a solution. ANY HELP?
>>>> Thanks.
>>>> ond
>>>> _______________________________________________
>>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>>>
>>>> asterisk-users mailing list
>>>> To UNSUBSCRIBE or update options visit:
>>>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>>>         
>>>
>>> --
>>> (\__/)
>>> (='.'=)This is Bunny. Copy and paste bunny into your
>>> (")_(")signature to help him gain world domination.
>>>
>>>
>>> _______________________________________________
>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>>
>>> asterisk-users mailing list
>>> To UNSUBSCRIBE or update options visit:
>>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>>       
>>
>> --
>> Oumar Ndiaye
>> CTO
>> ANTG Telecom
>> www.antg.com
>> ondiaye at antg.com
>> ondiaye at alum.mit.edu
>> ond4444 at gmail.com
>> Tel: +1-919-291-8742
>>
>>
>> _______________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>>     
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
>
>   