[asterisk-users] one for your filters
Jeff LaCoursiere
jeff at sunfone.com
Wed Jun 23 13:08:26 CDT 2010
On Wed, 23 Jun 2010, Gordon Henderson wrote:
> On Wed, 23 Jun 2010, Jeff LaCoursiere wrote:
>
>> Some !@$#@@# in the Czech Republic used one of our SIP accounts to place
>> four thousand calls to what appears to be a toll number in Zimbabwe last
>> night. Filter 82.150.165.5.
>>
>> A more overriding problem for me is how do we know what *destinations* to
>> filter so this idea of war dialing a toll number is something we can
>> cutoff before it gets to our upstream provider? Is there some collected
>> list of toll prefixes that I can filter on?
>
> How did they guess the SIP username and password? That's what I'm more
> concerend about...
>
> Gordon
>
I'm still trying to figure that out. Our SIP usernames are seven digit
phone numbers, so not really difficult to guess, but the passwords are 7
char alpha-numeric strings, auto generated. We don't at present restrict
people to their addresses, as some are dynamic.
j
More information about the asterisk-users
mailing list