On Tue, 10 Mar 2009, Trixter aka Bret McDanel wrote:
> On Tue, 2009-03-10 at 05:40 +0000, Vikram Rangnekar wrote:
>> The main reasons for all this brute force hacking of Asterisk (a new
>> phenomenon) is the proliferation of Asterisk (obviously) and configurations
>> where the extension is the same as the authentication credentials for the
>> phones (my extension is 100, my pin is 1234 and I use this for my voicemail as
>> well as for authenticating my phone with the server).
>>
>> OK, well it's possible your pin is 3214; even that does not really matter to a
>> brute force attack over SIP where there is no real forced delay between retry
>> attempts.
I guess there should be some configurable options in Asterisk to cover for that. Like 10 consecutive failed login attempts should cause Asterisk to reply "login denied" to that IP address, and another option that would allow for, let's say, 5 attempts in 5 minutes and then block the extension for login. Making the login attempts number and blocking time configurable, settable system-wide with an option to override per extension, would close the hole.
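The lockout the post asks for (a failure counter per source IP and per extension, a sliding window, a configurable block time, and a per-extension override) is straightforward to model. The following is an added example written for this thread, not code from Asterisk or from anyone in the discussion. It replays constructed log lines shaped like the chan_sip "Registration from ... failed for ..." NOTICE; the policy numbers (5 failures in 300 s, 600 s block), the per-extension override for extension 200, and the seconds-since-midnight timestamp handling are all assumptions made for the demo.

```python
import re
from collections import defaultdict, deque

# Illustrative policy (an assumption, not an Asterisk setting): 5 failures
# within a 300 s window block the key for 600 s.
DEFAULT_POLICY = {"max_attempts": 5, "window": 300, "block": 600}

# Matches the chan_sip "Registration from '...' failed for '<ip>'" NOTICE text
# and the leading "[Mon DD HH:MM:SS]" stamp.
LINE_RE = re.compile(
    r"^\[(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2})\].*"
    r"Registration from '\"?(?P<ext>[^\"<' ]+)\"?[^']*' failed for '(?P<ip>[\d.]+)'"
)


def log_time_seconds(ts):
    """Seconds since midnight for a 'Mon DD HH:MM:SS' stamp (same-day simplification)."""
    h, m, s = ts.split()[2].split(":")
    return int(h) * 3600 + int(m) * 60 + int(s)


class LockoutTracker:
    """Sliding-window failure counter keyed by ('ip', addr) or ('ext', name)."""

    def __init__(self, policy=DEFAULT_POLICY, per_extension=None):
        self.policy = dict(policy)
        self.per_extension = per_extension or {}   # ext -> policy overrides
        self.failures = defaultdict(deque)          # key -> recent failure times
        self.blocked_until = {}                     # key -> time the block expires

    def _policy_for(self, key):
        kind, name = key
        if kind == "ext":
            return {**self.policy, **self.per_extension.get(name, {})}
        return self.policy

    def is_blocked(self, key, now):
        until = self.blocked_until.get(key)
        if until is not None and now < until:
            return True
        self.blocked_until.pop(key, None)   # expired block: forget it
        return False

    def record_failure(self, key, now):
        """Records one failure; returns True if this failure triggers a block."""
        pol = self._policy_for(key)
        q = self.failures[key]
        q.append(now)
        while q and now - q[0] > pol["window"]:   # drop failures outside the window
            q.popleft()
        if len(q) >= pol["max_attempts"]:
            self.blocked_until[key] = now + pol["block"]
            q.clear()
            return True
        return False


def evaluate(lines, tracker):
    """Replays failure notices; returns (ip, ext, verdict) per line.

    verdict is 'already_blocked' (reject before checking credentials),
    'block' (this failure trips a lockout) or 'count' (failure noted only).
    """
    verdicts = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        now = log_time_seconds(m["ts"])
        ip_key, ext_key = ("ip", m["ip"]), ("ext", m["ext"])
        if tracker.is_blocked(ip_key, now) or tracker.is_blocked(ext_key, now):
            verdicts.append((m["ip"], m["ext"], "already_blocked"))
            continue
        tripped = tracker.record_failure(ip_key, now)
        tripped = tracker.record_failure(ext_key, now) or tripped
        verdicts.append((m["ip"], m["ext"], "block" if tripped else "count"))
    return verdicts


def _notice(ts, ext, ip):
    # Constructed sample line in the shape of a chan_sip NOTICE; not real traffic.
    return (f"[{ts}] NOTICE[2801] chan_sip.c: Registration from "
            f"'\"{ext}\" <sip:{ext}@10.0.0.1>' failed for '{ip}' - Wrong password")


# Constructed scenario: six rapid failures against ext 100 from one address,
# one wrong password from a second address for ext 100, then three failures
# against ext 200 (which carries a stricter per-extension override).
SAMPLE_LOG = [_notice(f"Mar 10 05:40:0{i}", "100", "203.0.113.5") for i in range(1, 7)] + [
    _notice("Mar 10 05:41:00", "100", "198.51.100.7"),
    _notice("Mar 10 05:50:10", "200", "203.0.113.9"),
    _notice("Mar 10 05:50:11", "200", "203.0.113.9"),
    _notice("Mar 10 05:50:12", "200", "203.0.113.9"),
]


def run_sample():
    tracker = LockoutTracker(per_extension={"200": {"max_attempts": 3}})
    return evaluate(SAMPLE_LOG, tracker)


if __name__ == "__main__":
    for ip, ext, verdict in run_sample():
        print(f"{ip:14} ext {ext}: {verdict}")
```

Replaying the sample shows the trade-off the post's two options imply: the per-IP block stops the sixth attempt from 203.0.113.5, but the per-extension block also turns away the phone at 198.51.100.7 for extension 100 until the block expires, so a lockout keyed on the extension alone lets a remote guesser deny service to the legitimate user, which is why both keys, with separate thresholds, are worth keeping.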
