[asterisk-users] SIP Security

Juan C. Villa juanqui at villafam.com
Tue Jan 12 12:16:53 CST 2010 

Martin,

I changed all the passwords to blah so I would not reveal them on this
email. The password if much more complex than that. It appears that my
problem was that I was allowing guest calls. I have beefed up the
security, activated fail2ban, along with other things. But thanks
anyways!

Thanks a ton to Phil who pointed me in the right direction!

On Tue, 2010-01-12 at 12:08 -0600, Martin wrote:
> Lets just say that you turned off the security ...
> 
> [general]
> context=default                 ; Default context for incoming calls
> 
> so everyone that can connect to your IP port 5060 UDP can access
> default context...
> why would you allow this context to place outgoing calls then ?
> 
> secret=blah
> 
> also you think the bots don't know this password ???
> 
> Martin
> 
> On Tue, Jan 12, 2010 at 11:43 AM, Juan C. Villa <juanqui at villafam.com> wrote:
> > Hey guys,
> >
> > I've been running asterisk on my server for some time now (currently
> > running Asterisk 1.6.2.0). I am having security issues with my SIP
> > accounts. Unauthorized people have been able to access the server (bots)
> > and they have been able to make calls (in today's case to Cuba).
> >
> > Here's a copy (slightly modified) of my sip.conf:
> >
> > [general]
> > context=default                 ; Default context for incoming calls
> > videosupport=yes
> > rtcachefriends=yes
> > autocreatepeer=no
> > t38pt_udptl=yes
> >
> > allowoverlap=no
> > udpbindaddr=0.0.0.0
> > srvlookup=yes
> > ;pedantic=yes
> >
> > disallow=all
> > allow=alaw
> > allow=ulaw
> > allow=speex
> >
> > [1001]
> > type=friend
> > username=1001
> > secret=blah
> > subscribecontext=default
> > regexten=1001
> > callerid="blah" <XXXXXXXXXX>
> > host=dynamic
> > nat=yes
> > canreinvite=no
> > mailbox=1001 at default
> > registertrying=yes
> >
> > [testuser]
> > type=friend
> > secret=blah
> > callerid="blah" <XXXXXXXXX>
> > host=dynamic
> > nat=yes
> > qualify=yes
> > allowsubscribe=yes
> > canreinvite=no
> > context=default
> >
> >
> > [testuser2]
> > type=friend
> > username=testuser2
> > secret=
> > callerid="blah" <blah>
> > host=dynamic
> > nat=yes
> > qualify=yes
> > allowsubscribe=yes
> > canreinvite=no
> > context=default
> >
> >
> > Someone is able to connect to my server and make a call since they can
> > access the default context. What should I do?
> >
> > Thanks guys!
> >
> >
> >
> >
> >
> >
> > --
> > _____________________________________________________________________
> > -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> >
> > asterisk-users mailing list
> > To UNSUBSCRIBE or update options visit:
> >   http://lists.digium.com/mailman/listinfo/asterisk-users
> >
>

More information about the asterisk-users mailing list