[asterisk-users] Hack
Mark Murawski
markm-lists at intellasoft.net
Fri Oct 18 10:17:34 CDT 2013
On 10/17/13 23:06, John T. Bittner wrote:
> Today I was hacked but caught it very quickly. This is the weird part,
> they hacked an IP Auth based account by simply knowing the account name.
>
>
> How is this possible? I am running Asterisk 11.5.0. Now it’s my fault I
> used a dictionary based account name but how did they bypass the set ip
> I had under the account for this host.
>
Any chance your sip peer was configured like this?
[accountname]
host=10.9.8.7
Without seeing your settings it's quite difficult to come up with
accurate possibilities of what happened.
The above example will allow *all* ip addresses with no password!.
Because there is no permit+deny (you need to use both)
More information about the asterisk-users
mailing list