[asterisk-users] FW: Under heavy attack

Jai Rangi jprangi at gmail.com
Tue Nov 2 13:57:07 CDT 2010 

Asterisk security has always been a big concern. I am sure most of asterisk
pros have taken care of these type of attacks. For non pros I am sharing a
shell script here.

http://www.didforsale.com/blog/?p=253

If you care feel free is use it.

-Jai



On Tue, Nov 2, 2010 at 9:27 AM, Cary Fitch <caryf at usawide.net> wrote:

>
>
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of jon pounder
> Sent: Tuesday, November 02, 2010 10:24 AM
> To: asterisk-users at lists.digium.com
> Subject: Re: [asterisk-users] FW: Under heavy attack
>
>
> >
> > I'm still on old-fashion copper-wire and "have yet to experience the joy"
> of
> > SIP Trunk-"ing" and the type of issues discussed in this thread.  My
> thought
> > to share here is that outgoing calls should be "easy" for thoroughly
> > authenticated users and impossible for others...
> >
> > Probably more can-o-worms than help.  Sorry if this is so.
> >
> >
> >
>
> nothing new here, this is just the digital equivalent of a wats line
> with a weak access code for outbound access.
> the difference is code guessing can be a lot more aggressive now, and
> finding the inbound path is simpler.
>
> ==================
>
> Each system needs to be configured according to its purpose and needs.
> Simply these are phone systems, not e-mail or web servers.  You may want to
> be able to get mail from (almost) anywhere in the world, same for web
> services.
>
> But for a phone system you may have very different needs.  One can
> visualize
> the differences between a national or international VOIP provider, a 4
> person office in Little Rock, AR, a local SIP provider in Houston, TX and
> an
> international sales company with offices in Rome Italy.
>
> A small sip system used with an upstream VOIP provider should be invisible
> to 99.9999% of the world's population. (Excepting any other trusted peers.)
>
> If there was a wide spread peering network and an individual system
> wanted/needed to access and be accessed like email then it would be a
> different world.  We could all be robo-call spammed just like email. :-(
>
> But leaving small systems open for attack from 99.9999 percent of the world
> is just begging for trouble.
>
> Cary Fitch
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>               http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101102/d22a24b6/attachment.htm

More information about the asterisk-users mailing list