On Tue, Nov 23, 2010 at 06:51:37PM -0500, John Novack wrote:
You should also have, in general:
alwaysauthreject=yes
This seems pretty effective in stopping some hacking
These are simple fixes.
I found it very effective to make sure the handled sip domains don't
contain the ipadress(es) of
Hi Gary,
I went through this process a few times over the past few years.
Theres a few short guides for securing Asterisk, but much of it depends
on your design. If it's a traditional POTs-type PBX then locking down
IPs using firewalls is a great thing, however if you make use of
inbound-SIP
One thing we did to secure remote users is to use SNOM370s and OpenVPN..
--
Singer XJ Wang, Senior System and Database Administrator
The Pythian Group - love your data
http://www.pythian.com
Desk: (613) 565-8696 x298
Cell: (613) 266-3763
On Thu, Nov 25, 2010 at 12:33, Adrian Marsh
On 23 Nov 2010 at 16:54, Joseph (Joseph syscon...@gmail.com) commented about
Re: [asterisk-users] Someone has hacked into our :
On 11/23/10 14:18, Gary Kuznitz wrote:
Thank you for the reply...
Comments below...
On 22 Nov 2010 at 17:23, Tilghman (Tilghman Lesher asterisk-
Thank you for the reply.
On 23 Nov 2010 at 18:51, John (John Novack jnov...@stromberg-carlson.org)
commented about Re: [asterisk-users] Someone has hacked into our :
Gary Kuznitz wrote:
Thank you for the reply...
Comments below...
On 22 Nov 2010 at 17:23, Tilghman (Tilghman
On 11/24/10 10:39, Gary Kuznitz wrote:
Look for allowguest default is yes
I change it to allowguest=no
In addition you might want to restrict some countries in your dial-plan,
here is my list:
This would be great. Can I put this anyplace in extensions.conf?
Or does it need to go after
Thank you for the reply...
Comments below...
On 22 Nov 2010 at 17:23, Tilghman (Tilghman Lesher asterisk-
us...@lists.digium.com) commented about Re: [asterisk-users] Someone has
hacked
into our :
On Monday 22 November 2010 17:10:31 Gary Kuznitz wrote:
I have the log now. I'd like to know
Gary Kuznitz wrote:
Thank you for the reply...
Comments below...
On 22 Nov 2010 at 17:23, Tilghman (Tilghman Lesherasterisk-
us...@lists.digium.com) commented about Re: [asterisk-users] Someone has
hacked
into our :
On Monday 22 November 2010 17:10:31 Gary Kuznitz wrote:
I
On 11/23/10 14:18, Gary Kuznitz wrote:
Thank you for the reply...
Comments below...
On 22 Nov 2010 at 17:23, Tilghman (Tilghman Lesher asterisk-
us...@lists.digium.com) commented about Re: [asterisk-users] Someone has
hacked
into our :
On Monday 22 November 2010 17:10:31 Gary Kuznitz wrote:
_
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Gary Kuznitz
Sent: Monday, November 22, 2010 10:23 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: [asterisk-users] Someone has hacked into our system
Blocking udp 5060 in the packet filter in unwanted directions should
keep asterisk from setting up SIP connections.
The real remedy is to figure out how the hacker got in and close the
backdoor.
I think a lot of us would be interested in what was the vulnerability.
And if it turns out that it
Nicholas
Subject: Re: [asterisk-users] Someone has hacked into our system
Thank you for the quick response.
Comments below...
I am not familiar with navigating Asterisk. Would you please help me understand
how
to see the CDR?
Thank you,
Gary Kuznitz
By default, Asterisk keeps the CDR as a flat-file
Use IPTables to lock down your machine to only accept incoming connections from
your local network and from the particular IPs that you are expecting
connections from (such as your SIP trunk, maybe).
That is of course assuming that these calls are made by SIP.
Don't forget to also change all
On 11/22/2010 06:44 PM, Kevin Keane wrote:
Use IPTables to lock down your machine to only accept incoming
connections from your local network and from the particular IPs that
you are expecting connections from (such as your SIP trunk, maybe).
That is of course assuming that these calls are
14 matches
Mail list logo
