On Sat, 15 Oct 2016, tux john wrote:

Hi. Kinda new to the area and I would like some help please. I have asterisk 11 in my system and I have 10 users and 12 DIDs. One did routed to each user and 2 DIDs for faxing. Everything works fine but I do not have call transfer between extensions and feature access codes. I have read somewhere that enabling call transfer can be a security hole for sip attackers.

Are these incoming calls copper or VOIP?

If you only accept copper calls, make sure Asterisk is only listening to and enforce this policy with another layer dropping any incoming SIP packets at the firewall.

If you only intend to accept calls from your ISP, configure Asterisk to only accept calls from your ISP, and enforce this policy at the firewall.

If you accept calls from everyone, re-think your definition of 'everyone.' It probably does not include Iraq, North Korea, China, Russia, etc. Configure Asterisk and your firewall accordingly.

Beyond this, follow 'best practices' (google for sip best practices -- John Todd did a list years back, Nerdvittles probably will also be a good resource) like long, random user names and passwords, only allow needed features to each class of users, etc.

Thanks in advance,
Steve Edwards       sedwa...@sedwards.com      Voice: +1-760-468-3867 PST

-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Join the Asterisk Community at the 13th AstriCon, September 27-29, 2016

New to Asterisk? Start here:

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:

Reply via email to