Martin, I changed all the passwords to blah so I would not reveal them on this email. The password if much more complex than that. It appears that my problem was that I was allowing guest calls. I have beefed up the security, activated fail2ban, along with other things. But thanks anyways!
Thanks a ton to Phil who pointed me in the right direction! On Tue, 2010-01-12 at 12:08 -0600, Martin wrote: > Lets just say that you turned off the security ... > > [general] > context=default ; Default context for incoming calls > > so everyone that can connect to your IP port 5060 UDP can access > default context... > why would you allow this context to place outgoing calls then ? > > secret=blah > > also you think the bots don't know this password ??? > > Martin > > On Tue, Jan 12, 2010 at 11:43 AM, Juan C. Villa <juan...@villafam.com> wrote: > > Hey guys, > > > > I've been running asterisk on my server for some time now (currently > > running Asterisk 1.6.2.0). I am having security issues with my SIP > > accounts. Unauthorized people have been able to access the server (bots) > > and they have been able to make calls (in today's case to Cuba). > > > > Here's a copy (slightly modified) of my sip.conf: > > > > [general] > > context=default ; Default context for incoming calls > > videosupport=yes > > rtcachefriends=yes > > autocreatepeer=no > > t38pt_udptl=yes > > > > allowoverlap=no > > udpbindaddr=0.0.0.0 > > srvlookup=yes > > ;pedantic=yes > > > > disallow=all > > allow=alaw > > allow=ulaw > > allow=speex > > > > [1001] > > type=friend > > username=1001 > > secret=blah > > subscribecontext=default > > regexten=1001 > > callerid="blah" <XXXXXXXXXX> > > host=dynamic > > nat=yes > > canreinvite=no > > mailbox=1...@default > > registertrying=yes > > > > [testuser] > > type=friend > > secret=blah > > callerid="blah" <XXXXXXXXX> > > host=dynamic > > nat=yes > > qualify=yes > > allowsubscribe=yes > > canreinvite=no > > context=default > > > > > > [testuser2] > > type=friend > > username=testuser2 > > secret= > > callerid="blah" <blah> > > host=dynamic > > nat=yes > > qualify=yes > > allowsubscribe=yes > > canreinvite=no > > context=default > > > > > > Someone is able to connect to my server and make a call since they can > > access the default context. What should I do? > > > > Thanks guys! > > > > > > > > > > > > > > -- > > _____________________________________________________________________ > > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > > > asterisk-users mailing list > > To UNSUBSCRIBE or update options visit: > > http://lists.digium.com/mailman/listinfo/asterisk-users > > > -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users