[asterisk-users] Someone has hacked into our system

Singer X.J. Wang wang at pythian.com
Thu Nov 25 11:40:24 CST 2010 

One thing we did to secure remote users is to use SNOM370s and OpenVPN..

--
Singer XJ Wang, Senior System and Database Administrator
The Pythian Group - love your data
http://www.pythian.com
Desk: (613) 565-8696 x298
Cell: (613) 266-3763



On Thu, Nov 25, 2010 at 12:33, Adrian Marsh <Adrian.Marsh at ubiquisys.com>wrote:

> Hi Gary,
>
>
>
> I went through this process a few times over the past few years.
>
> Theres a few short guides for securing Asterisk, but much of it depends on
> your design.  If it’s a traditional POTs-type PBX then locking down IPs
> using firewalls is a great thing, however if you make use of inbound-SIP
> calls from end-user PC clients on the Internet then that’s not always
> possible.
>
>
>
> So heres my recommendations:
>
>
>
> 1) Change the default context name to something like "publicinbound".
>
> 2) Create a context called publicinbound that does basically nothing.
>
> 3) Setup a different context for an peer or friend IAX or SIP, or whatever.
> That way you can see which connection the hackers coming in from.
>
> 4) If you don’t want to firewall off the whole internet, then at least make
> use of fail2ban - it’s a free scripted addon that watches for hacking
> attempts and firewalls them off.
>
> 5) Really really long passwords and usernames - this ones pretty key.   My
> first task was in going through and understanding where all the passwords
> were and changing them.  I now make mine completely random and a min of 30
> chars.
>
> 6) IP restrictions. If a peer or user does have a fixed IP, then define it
> in the appropriate config file.
>
> 7) The alwaysauthreject is good.. helps fumble the hackers.
>
>
>
>
>
>
>
> Thanks,
>
>
>
> Adrian
>
>
>
>
>
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>               http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>

--
The best compliment you could give Pythian for our service is a referral.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101125/2202b127/attachment.htm

More information about the asterisk-users mailing list