How to lock your system

DaveD

Joined
Nov 12, 2007
Messages
597
Likes
0
Points
16
#1
It appears that a config is missing in most flavors of asterisk that the hackers are exploiting.

You can test if you are open to the exploit here http://www.sinologic.net/proyectos/aste ... kSecurity/

To secure is relatively easy

Under General settings make sure allow anonymous Sip is set to no

Next under /etc/asterisk/

Edit sip_general_additional.conf

Add allowguest=no

And reload sip

Re Test using above site

This should stop your sip@ attacks on your system

But as with most security the more you have the less chance of getting that dreaded phone bill

I still run fail2ban which has served me well
 

fmvillares

Joined
Sep 8, 2007
Messages
1,785
Likes
0
Points
0
#2
hi men a correction...its not a lacking option...if you at first time negate this some providers dont work...it s a security concern yes...but if you dont know what you re using and its concerns...you cant use voip...

asterisk and elastix is not for newbies...you could lose a lot of money in bad installs.
 

DaveD

Joined
Nov 12, 2007
Messages
597
Likes
0
Points
16
#3
fmvillares said:
hi men a correction...its not a lacking option...if you at first time negate this some providers dont work...it s a security concern yes...but if you dont know what you re using and its concerns...you cant use voip...

asterisk and elastix is not for newbies...you could lose a lot of money in bad installs.

The problem is Elastix has become so easy for people to get running , so you are going to get a lot of newbies and they need to be educated about locking the system instead of default setups.

If you Educate people about the security concern you make your product better
 

fmvillares

Joined
Sep 8, 2007
Messages
1,785
Likes
0
Points
0
#4
well ... its like the question...who cames first the egg or the chicken...if i made a product too easy to use many newbies destroy it...but if we intend to educate them or to drive it to the good ways...they fly off and say we are dictators...

i think IMHO that in a FLOSS project everyone has it place....i was a newbie in asterisk a long time ago and what i did? read. and learn first....after i learn the basics i began to ask to the gurus...from the ground....asking them politely with respect...as a newbie...breaking my head with books, tests and practice i became who i am in the community....

again the problem is that most newbies want the food digested in her mouths...not to hunt and won the prize of learning...
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,902
Messages
130,886
Members
17,563
Latest member
dineshr
Top