Ok, so let me see if I understand this now.... someone could have done something like this from their SIP phone or asterisk console
dial/SIP/my_IP_ADDRESS/01159721232 and my dial plan of course let them out because I'm a lazy hack who hasn't yet tightened up on the security. Honestly, I've read TFOT volume 2 many times and never would have known it would be that easy. I am working on tightening up the dial plan now. It's been working for me for several years now but only in the last few weeks did anything go wrong. ________________________________ From: Vahan Yerkanian <va...@arminco.com> To: Asterisk on BSD discussion <asterisk-bsd@lists.digium.com> Sent: Mon, August 30, 2010 2:38:37 PM Subject: Re: [Asterisk-bsd] Securing Asterisk with a DID On 8/30/10 11:13 PM, Frank Griffith wrote: Well obviously there is a remote SIP connecting. But my server is not setup to allow any remote connections. According to the VOIP provider I've been brute force attacked yet Asterisk leaves no log information as to which account was logged into. Thus I'm still stuck trying to figure out what happened. >Let me repeat, the fact that you have _011X. in your [default] context proves >that your Asterisk installation is an open door to anyone to dial it from a >remote location without passing authentication, unless you have permit/deny >rules to block world. Vahan
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Asterisk-BSD mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-bsd