Hi,
we had an attack on a server and we don't understand how it was
possible, Asterisk 1.4.28/Debian Lenny 5.1 Attacker came from PALTEL,
network 188.161.128.0/18
Hacked account had following setup:
[111]
type=friend
username=111
context=from-111
host=11.22.33.44
dtmfmode=auto
qualify=yes
On Wed, 2010-01-27 at 11:47 +0100, Administrator TOOTAI wrote:
Hi,
we had an attack on a server and we don't understand how it was
possible, Asterisk 1.4.28/Debian Lenny 5.1 Attacker came from PALTEL,
network 188.161.128.0/18
Hacked account had following setup:
[111]
type=friend
27 jan 2010 kl. 11.47 skrev Administrator TOOTAI:
Hi,
we had an attack on a server and we don't understand how it was
possible, Asterisk 1.4.28/Debian Lenny 5.1 Attacker came from PALTEL,
network 188.161.128.0/18
Hacked account had following setup:
[111]
type=friend
username=111
wins mallow a écrit :
On Wed, 2010-01-27 at 11:47 +0100, Administrator TOOTAI wrote:
[...]
Check your sip.conf
allowguest=no
Guest are allowed and going to a different context. Logs are showing
that calls are going out to the from-111 context, so its this account
which was
Olle E. Johansson a écrit :
27 jan 2010 kl. 11.47 skrev Administrator TOOTAI:
Hi,
we had an attack on a server and we don't understand how it was
possible, Asterisk 1.4.28/Debian Lenny 5.1 Attacker came from PALTEL,
network 188.161.128.0/18
Hacked account had following setup:
Administrator TOOTAI wrote:
Olle E. Johansson a écrit :
27 jan 2010 kl. 11.47 skrev Administrator TOOTAI:
Hi,
we had an attack on a server and we don't understand how it was
possible, Asterisk 1.4.28/Debian Lenny 5.1 Attacker came from PALTEL,
network 188.161.128.0/18
Hacked
On Wed, Jan 27, 2010 at 6:10 PM, Kevin P. Fleming kpflem...@digium.comwrote:
1) When a sip.conf entry is defined as 'type=friend' *and* has a
specific host IP address (not dynamic), we could just ignore the 'user'
part and create only the 'peer' part. This would result in incoming
calls being
Hi Kevin
Kevin P. Fleming a écrit :
[...]
This conversation brings to mind two possible ways we could improve
Asterisk to help users from falling into this trap:
1) When a sip.conf entry is defined as 'type=friend' *and* has a
specific host IP address (not dynamic), we could just ignore the