[Asterisk-bsd] Asterisk Server Hacked
Frank Griffith
glassdude45 at yahoo.com
Sun Aug 29 19:44:12 CDT 2010
How can I tell from /var/log/asterisk/cdr-csv/Master.csv if a call was made
using one of my existing asterisk accounts or was made from a DID that my VOIP
provider furnishes. The provider is claiming that my server was brute force
attacked. I think that my extensions.conf file had a hole in it which allowed
someone to dial the DID number and then dial out. I'm pretty sure of the DID
weakness and just wasn't aware that someone has got a hold of it. But is my
asterisk server has been compromised, that would surprise me.
My asterisk server is behing a firewall natd server. I only have a few user
accounts on it and the passwords for them are very cyrptic. I don't doubt
anything these days but I'm just not sure how to confirm how the hackers are
getting in.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-bsd/attachments/20100829/379c731a/attachment.htm
More information about the Asterisk-BSD
mailing list