Yeap, drop out box is normal idea. But it's strongly wired what type of
hack was. If it was only traffic leak without any footsteps in your
system (shell history, files modification time, logs) I don't think that
box couldn't be used any longer. Try to use port knocking (
http://www.portknocking.org/ ) for opening SSH ports for more secure
access.
And if you have enough time, box could be reinstalled. Malvin Rito is
right. Attacker could place rootkit on your system that couldn't easily
detected.
On 21.07.2011 10:31, Steve Edwards wrote:
On 21.07.2011 09:29, Malvin Rito wrote:
My asterisk box was hacked!
On Thu, 21 Jul 2011, Захаров Антон wrote:
First of all, you should disable unused VoIP protocols.
Once a box has been hacked you cannot trust anything.
Disconnect the box from the network, save whatever DATA ONLY you
cannot live without, DBAN the disk and start over.
Before you re-install the OS, read up on what you should have done the
first time.
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
