[asterisk-users] Someone has hacked into our system
Daniel Tryba
daniel at tryba.nl
Thu Nov 25 09:25:47 CST 2010
On Tue, Nov 23, 2010 at 06:51:37PM -0500, John Novack wrote:
> You should also have, in general:
>
> alwaysauthreject=yes
> This seems pretty effective in stopping some hacking
> These are simple fixes.
I found it very effective to make sure the handled sip domains don't
contain the ipadress(es) of your internet connection(s), by only
explicitly listing internal ipadresses and hostnames. e.g.:
domain=10.2.3.4
domain=sip.example.com
The standard scanners will get a "Not a local domain" error, since they
only try the external ipadress to connect (for now).
--
Daniel Tryba
More information about the asterisk-users
mailing list