On Fri, 19 Mar 2010, Adrian Marsh wrote:
I’m looking for some advice on securing Asterisk.
My first step will be to strengthen the passwords in use, and for the
hardphones to restrict by IP address, but that still leaves the
softphone quite widely open.
Asterisk doesn't differentiate between a hard phone and a soft phone. You
can restrict by IP address for soft phones as well.
Does Asterisk 1.6 have anything in it that can automatically block out
an attacking IP, say if it receives several 20 or so failed attempts
from that IP in x minutes?
I'm a 1.2 Luddite, so I can't speak for 1.6.
I think any "brute force" or DOS security policy needs to be implemented
external to Asterisk. I don't think there are any AMI events you could
listen to. I think you are limited to what you can scrounge out of a log
file.
How about setting up a couple of "honey-pot" SIP accounts with obvious
passwords and in the context fire off a user event? Then you could listen
for the event via AMI.
Any other suggestions?
Repost with a meaningful subject -- a blank subject labels you as a newbie
who is probably not worth the time of members with relevant experience.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards [email protected] Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
