[asterisk-users] (no subject)
Adrian Marsh
Adrian.Marsh at ubiquisys.com
Thu Mar 18 19:19:19 CDT 2010
Hello,
I'm looking for some advice on securing Asterisk.
Recently my servers been under several brute-force SIP attacks.
I have several remote sites, as well as many roaming users, who may have
PC softclients and/or SIP based hardphones.
My first step will be to strengthen the passwords in use, and for the
hardphones to restrict by IP address, but that still leaves the
softphone quite widely open.
Does Asterisk 1.6 have anything in it that can automatically block out
an attacking IP, say if it receives several 20 or so failed attempts
from that IP in x minutes?
I haven't looked at Secure SIP in quite a while, is that now integrated
into 1.6 ?
One thing that's confusing me in my config, is that I thought that if I
set NAT=no in sip.conf, then I wouldn't be able to connect to that SIP
account unless I was on the local LAN, specified by locallan= However
in some testing, I'm finding that I can still connect from an external
SIP client.
Also, I tried setting one SIP account from host=dynamic to
host=<ipaddr>, and when that client tried to register, then Asterisk
complained that the account wasn't supposed to be trying to register.
My next step is also to upgrade my Asterisk itself up to the latest
stable 1.6
Any other suggestions?
Thanks,
Adrian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100319/1265f8aa/attachment.htm
More information about the asterisk-users
mailing list