How to lock your system

Discussion in 'General' started by DaveD, Apr 4, 2010.

  1. DaveD

    Joined:
    Nov 12, 2007
    Messages:
    597
    Likes Received:
    0
    It appears that a config is missing in most flavors of asterisk that the hackers are exploiting.

    You can test if you are open to the exploit here http://www.sinologic.net/proyectos/aste ... kSecurity/

    To secure is relatively easy

    Under General settings make sure allow anonymous Sip is set to no

    Next under /etc/asterisk/

    Edit sip_general_additional.conf

    Add allowguest=no

    And reload sip

    Re Test using above site

    This should stop your sip@ attacks on your system

    But as with most security the more you have the less chance of getting that dreaded phone bill

    I still run fail2ban which has served me well
     
  2. fmvillares

    Joined:
    Sep 8, 2007
    Messages:
    1,785
    Likes Received:
    0
    hi men a correction...its not a lacking option...if you at first time negate this some providers dont work...it s a security concern yes...but if you dont know what you re using and its concerns...you cant use voip...

    asterisk and elastix is not for newbies...you could lose a lot of money in bad installs.
     
  3. DaveD

    Joined:
    Nov 12, 2007
    Messages:
    597
    Likes Received:
    0

    The problem is Elastix has become so easy for people to get running , so you are going to get a lot of newbies and they need to be educated about locking the system instead of default setups.

    If you Educate people about the security concern you make your product better
     
  4. fmvillares

    Joined:
    Sep 8, 2007
    Messages:
    1,785
    Likes Received:
    0
    well ... its like the question...who cames first the egg or the chicken...if i made a product too easy to use many newbies destroy it...but if we intend to educate them or to drive it to the good ways...they fly off and say we are dictators...

    i think IMHO that in a FLOSS project everyone has it place....i was a newbie in asterisk a long time ago and what i did? read. and learn first....after i learn the basics i began to ask to the gurus...from the ground....asking them politely with respect...as a newbie...breaking my head with books, tests and practice i became who i am in the community....

    again the problem is that most newbies want the food digested in her mouths...not to hunt and won the prize of learning...
     

Share This Page