[asterisk-users] asterisk security....again
Steven Howes
steve-lists at geekinter.net
Mon Feb 28 04:39:57 CST 2011
On 28 Feb 2011, at 10:33, Rizwan Hisham wrote:
> The problem I have been experiencing since last month is that some of my customers are getting calls with "Asterisk <Unknown>" caller id. Most of them in the middle of the night. And my asterisk server has no record of these calls. The customers were getting irritated as you can imagine. I guessed the only way to receive incoming calls by by-passing the registration server is thru sip-uri calls directly to customers. I have updated the customers atas to not accept any calls from sources other than the registration server. Thats all fine now. But the question is how can anyone know the direct sip uri addresses of our customers.
'asterisk security' is a misleading subject line. Guessing someone just scanned some IP addresses and made calls. You need what's called a 'firewall'.
> My guess is that someone has been sniffing my server's sip traffic. In that case what should i do to get rid of the sniffers?
It's hard to sniff without being on a network. Most likely they brute forced something?.. Get a firewall, and something to look for brute force attacks.
S
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20110228/78ebec58/attachment.htm>
More information about the asterisk-users
mailing list