[asterisk-users] Sip Registration Hijacking
Larry Moore
lmoore at starwon.com.au
Sat Jan 21 00:34:27 CST 2012
On 20/01/2012 9:36 AM, eherr wrote:
>
> I have a honey pot box with extensions that are not just numbers ie )
>
> 100-MySipUserName
>
> And the passwords are from an openssl generated password ie)
>
> Gq5VNIjDFWIQoUT6
>
>
Is the password stored in sip.conf in plain text or as an MD5?
If it is stored in plain text then it may suggest the hijacker has
greater access to your system than you realise.
My 2-cents worth.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120121/520d7b34/attachment.htm>
More information about the asterisk-users
mailing list