[asterisk-users] Am I cracked?

Luca Bertoncello lucabert at lucabert.de
Mon Jun 8 15:09:02 CDT 2015


Kevin Larsen <kevin.larsen at pioneerballoon.com> schrieb:

> Based on SIP packets coming in from IP addresses you don't recognize, 
> while you may not be hacked, you would seem to have people probing your 

I think, too, it's someone probing my IP...

> system. One thing you can do at the firewall level is restrict inbound sip 
> communications to only those from your external phone providers. Depending 
> on their setup, they should be able to give you an IP, a range of IPs or a 
> name that can be used (i.e. sip.myphoneprovider.com). If you restrict your 

This is not really possible, since I'll login on my Asterisk from many
Providers...

> inbound sip to that, it will be very helpful. Also, there are further 
> steps you can take to harden your systems. An internet search will bring 
> up many, but here are a couple of good ones:
> 
> http://blogs.digium.com/2009/03/28/sip-security/
> http://www.ipcomms.net/blog/70-11-steps-to-secure-your-asterisk-ip-pbx
> http://nerdvittles.com/?p=580

OK, I set alwaysauthreject = yes and I discovered a allowguest, which I set
to "no", too.
The PBX is behind a Firewall and I just allow UDP 5060 and 10000-10100.
Now I log the SIP-pakets coming from Internet, too...

Hopefully I solved my problem...

Thanks
Luca Bertoncello
(lucabert at lucabert.de)



More information about the asterisk-users mailing list