Elastix 2.0 rejecting SSH, HTTPS connections

eNoisy

Joined
Jul 24, 2010
Messages
59
Likes
0
Points
0
#1
Hi,

I hope all the information I'm providing would be enough to get someone to help me.

As I'm relatively new using Linux, I was wondering if someone could help me trying to identify if there is any way (which are the correct logs to check) to see what happened to a remote Elastix 2.0 machine I'm looking after.

Initially it was rejecting SSH connections, it got to the state where it asked me for the root password, however when I entered it (100% sure I was using the correct password) it replied with a message saying that the server was busy to allow connections or was being restarted.
I tried to access it through https, and it didn't work either, the website was not found.

Port forwarding was configured correctly as i could access the machine before.

The system was not taking incoming PSTN calls (OpenVox A1200P), however the users were able to make outgoing calls trough a configured IAX trunk.

Now the system is up and running, as the user had to restart the machine the hard way (by the power button). I made tests and now it is accessible through HTTP, SSH, they can receive PSTN calls.


Thank you.
 

dicko

Joined
Oct 24, 2008
Messages
4,099
Likes
0
Points
0
#2
You have probably been compromised,

check you /var/log/secure file for unwarranted intrusions.
netstat and lsof will help you identify the "alien" processes running (sorry no quick tutorial here. just the man pages)

check the security forum for suggestions as to how to install a firewall and change sshd ports, don't put the /tmp file on a physical drive, use a ram based file system instead or the penetration will usually be maintained over a reboot. install rkhunter or something similar (if it's not too late :) ) and particularly check your cron jobs, especially anything in /tmp, the list goes on but by default Elastix is intrinsically insecure, as are most linux distributions.

good luck

dicko
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,901
Messages
130,885
Members
17,561
Latest member
marouen
Top