[asterisk-users] My Asterisk Box was hacked
Захаров Антон
instnt at mail.ru
Thu Jul 21 01:55:03 CDT 2011
Yeap, drop out box is normal idea. But it's strongly wired what type of
hack was. If it was only traffic leak without any footsteps in your
system (shell history, files modification time, logs) I don't think that
box couldn't be used any longer. Try to use port knocking (
http://www.portknocking.org/ ) for opening SSH ports for more secure
access.
And if you have enough time, box could be reinstalled. Malvin Rito is
right. Attacker could place rootkit on your system that couldn't easily
detected.
On 21.07.2011 10:31, Steve Edwards wrote:
>> On 21.07.2011 09:29, Malvin Rito wrote:
>
>>> My asterisk box was hacked!
>
> On Thu, 21 Jul 2011, Захаров Антон wrote:
>
>> First of all, you should disable unused VoIP protocols.
>
> Once a box has been hacked you cannot trust anything.
>
> Disconnect the box from the network, save whatever DATA ONLY you
> cannot live without, DBAN the disk and start over.
>
> Before you re-install the OS, read up on what you should have done the
> first time.
>
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20110721/256701e5/attachment.htm>
More information about the asterisk-users
mailing list