[asterisk-users] My Asterisk Box was hacked
Malvin Rito
mrito at mail.altcladding.com.ph
Thu Jul 21 01:19:01 CDT 2011
Thanks. Any link for me to check for the procedure to implement those?
Regards,
Malvin
On 7/21/2011 1:59 PM, Захаров Антон wrote:
> Hello!
>
> First of all, you should disable unused VoIP protocols. Than remove
> all guest accounts from used protocols, disable guest unauth access.
> Always use strong passwords for accounts, for users on your system.
> Passwords shouldn't be eq username. Move port binds on LAN network for
> all active services as much as you can (i.e. SHH should be on WAN too
> I think).
> Use iptables for blocking password bruteforce. Try to install fail2ban
> with jails for asterisk, ssh, HTTP and other public services. Then you
> can try to install PSAD (port scan autodetect) to prevent attacks.
> And never use default context in asterisk for word calls directions.
> And you should always keep your software up to date. There much more
> security issues than you think.
>
> Good Luck!
>
> On 21.07.2011 09:29, Malvin Rito wrote:
>> Hi List,
>>
>> My asterisk box was hacked! Can anyone help on how do I secure my
>> asterisk box, currently my box is installed with 2 NIC. 1st NIC is
>> for LAN access and 2nd NIC has a public IP which is registered to our
>> VoIP Provider.
>>
>> As I remember I already tried putting our Box on NAT but
>> unfortunately due to some issue like call is dropped after 30 seconds
>> and sometimes voice are not heard. Then we disable again the NAT.
>>
>> Your advise will be much appreciated. Thanks in advance.
>>
>> Regards,
>> Malvin
>>
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>> New to Asterisk? Join us for a live introductory webinar every Thurs:
>> http://www.asterisk.org/hello
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>> http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>>
>
More information about the asterisk-users
mailing list