Asterisk security has always been a big concern. I am sure most of asterisk pros have taken care of these type of attacks. For non pros I am sharing a shell script here. <br><br><a href="http://www.didforsale.com/blog/?p=253">http://www.didforsale.com/blog/?p=253</a><br>
<br>If you care feel free is use it. <br><br>-Jai <br><br><br><br><div class="gmail_quote">On Tue, Nov 2, 2010 at 9:27 AM, Cary Fitch <span dir="ltr"><<a href="mailto:caryf@usawide.net" target="_blank">caryf@usawide.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div><br>
<br>
-----Original Message-----<br>
From: <a href="mailto:asterisk-users-bounces@lists.digium.com" target="_blank">asterisk-users-bounces@lists.digium.com</a><br>
</div><div>[mailto:<a href="mailto:asterisk-users-bounces@lists.digium.com" target="_blank">asterisk-users-bounces@lists.digium.com</a>] On Behalf Of jon pounder<br>
Sent: Tuesday, November 02, 2010 10:24 AM<br>
To: <a href="mailto:asterisk-users@lists.digium.com" target="_blank">asterisk-users@lists.digium.com</a><br>
</div><div>Subject: Re: [asterisk-users] FW: Under heavy attack<br>
<br>
<br>
><br>
</div><div>> I'm still on old-fashion copper-wire and "have yet to experience the joy"<br>
of<br>
> SIP Trunk-"ing" and the type of issues discussed in this thread. My<br>
thought<br>
> to share here is that outgoing calls should be "easy" for thoroughly<br>
> authenticated users and impossible for others...<br>
><br>
> Probably more can-o-worms than help. Sorry if this is so.<br>
><br>
><br>
><br>
<br>
nothing new here, this is just the digital equivalent of a wats line<br>
with a weak access code for outbound access.<br>
the difference is code guessing can be a lot more aggressive now, and<br>
finding the inbound path is simpler.<br>
<br>
</div>==================<br>
<br>
Each system needs to be configured according to its purpose and needs.<br>
Simply these are phone systems, not e-mail or web servers. You may want to<br>
be able to get mail from (almost) anywhere in the world, same for web<br>
services.<br>
<br>
But for a phone system you may have very different needs. One can visualize<br>
the differences between a national or international VOIP provider, a 4<br>
person office in Little Rock, AR, a local SIP provider in Houston, TX and an<br>
international sales company with offices in Rome Italy.<br>
<br>
A small sip system used with an upstream VOIP provider should be invisible<br>
to 99.9999% of the world's population. (Excepting any other trusted peers.)<br>
<br>
If there was a wide spread peering network and an individual system<br>
wanted/needed to access and be accessed like email then it would be a<br>
different world. We could all be robo-call spammed just like email. :-(<br>
<br>
But leaving small systems open for attack from 99.9999 percent of the world<br>
is just begging for trouble.<br>
<font color="#888888"><br>
Cary Fitch<br>
</font><div><div></div><div><br>
<br>
--<br>
_____________________________________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>
New to Asterisk? Join us for a live introductory webinar every Thurs:<br>
<a href="http://www.asterisk.org/hello" target="_blank">http://www.asterisk.org/hello</a><br>
<br>
asterisk-users mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-users" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a><br>
</div></div></blockquote></div><br>