[asterisk-users] Hack
John T. Bittner
john at xaccel.net
Thu Oct 17 22:06:26 CDT 2013
Today I was hacked but caught it very quickly. This is the weird part, they hacked an IP Auth based account by simply knowing the account name.
How is this possible? I am running Asterisk 11.5.0. Now it's my fault I used a dictionary based account name but how did they bypass the set ip I had under the account for this host.
This also happened with fail2ban running and I pay for Humbug . Nothing caught it. Its just chance that I happen to be in the CLI and noticed it.
In a span of 30 minutes they had made over $200 worth of calls all to the same number .
Anyone have any idea on this and any ideas on preventing this.
John Bittner
CTO
[cid:image003.png at 01CECB8D.765B3840]
380 US Highway 46, Suite 500
Totowa, NJ 07512
Phone: 201.806.2602 x2405
Fax: 201.806.2604
Cell: 973.390.1090
www.xaccel.net<http://www.xaccel.net/>
CONFIDENTIALITY NOTICE:
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential
and privileged information which should not be shared or forwarded. Any unauthorized review, use, disclosure or distribution
is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the e-mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20131018/e16c7ea5/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 6839 bytes
Desc: image003.png
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20131018/e16c7ea5/attachment.png>
More information about the asterisk-users
mailing list