[asterisk-users] Hacking attempt, Asterisk 1.4
A J Stiles
asterisk_list at earthshod.co.uk
Thu Feb 20 06:06:43 CST 2014
On Thursday 20 Feb 2014, Brynjolfur Thorvardsson wrote:
> Every few weeks we get an attack that lasts about a minute or two,
> resulting in our AGI script being overloaded.
>
> What happens is that somebody seems to be trying to connect from our server
> – in my cdrs log I can see that they use a four digit number for source,
> destination and caller id, e.g.
>
> clid: 7321
> src: 7321
> dst: 7321
> channel: SIP/xx.xx.xx.xx-aaaaaaaa
Assuming that it's the AGI script that is the bottleneck, how about simply
checking in the dialplan that the ${CALLERID(num)} is different from ${EXTEN}
before executing the AGI script?
--
AJS
Answers come *after* questions.
More information about the asterisk-users
mailing list