[asterisk-users] My Asterisk Box was hacked
Захаров Антон
instnt at mail.ru
Thu Jul 21 00:59:49 CDT 2011
Hello!
First of all, you should disable unused VoIP protocols. Than remove all
guest accounts from used protocols, disable guest unauth access.
Always use strong passwords for accounts, for users on your system.
Passwords shouldn't be eq username. Move port binds on LAN network for
all active services as much as you can (i.e. SHH should be on WAN too I
think).
Use iptables for blocking password bruteforce. Try to install fail2ban
with jails for asterisk, ssh, HTTP and other public services. Then you
can try to install PSAD (port scan autodetect) to prevent attacks.
And never use default context in asterisk for word calls directions.
And you should always keep your software up to date. There much more
security issues than you think.
Good Luck!
On 21.07.2011 09:29, Malvin Rito wrote:
> Hi List,
>
> My asterisk box was hacked! Can anyone help on how do I secure my
> asterisk box, currently my box is installed with 2 NIC. 1st NIC is for
> LAN access and 2nd NIC has a public IP which is registered to our VoIP
> Provider.
>
> As I remember I already tried putting our Box on NAT but unfortunately
> due to some issue like call is dropped after 30 seconds and sometimes
> voice are not heard. Then we disable again the NAT.
>
> Your advise will be much appreciated. Thanks in advance.
>
> Regards,
> Malvin
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
More information about the asterisk-users
mailing list