New article on Asterisk security

Discussion in 'General' started by wiseoldowl, Mar 27, 2009.

  1. wiseoldowl

    Joined:
    Aug 19, 2008
    Messages:
    251
    Likes Received:
    0
    I found the following posted on the VoIP Tech Chat blog. I've added some comments in bold italics:

    7 Easy Steps to Better SIP Security
    by FRED on MARCH 27, 2009 · 0 COMMENTS

    John Todd (with Digium) sent a great email on SIP Security. Although written towards the Asterisk audience, this email provides a very good guideline towards increasing your VoIP SIP Security. It
     
  2. DaveD

    Joined:
    Nov 12, 2007
    Messages:
    597
    Likes Received:
    0
    Thanks for that list some useful information in there

    Also 1 to add would be create your inbound routes based on trunks
    Than add anyDID/anyCID and set it to hangup or terminate

    Any calls not coming in on the trunks your have defined will terminate the call

    The above worked well for the round of hack attempts we had in Australia last month
     
  3. Patrick_elx

    Joined:
    Dec 14, 2008
    Messages:
    1,120
    Likes Received:
    0
    yes but it will not work if you want to allow inbound enum..

    I'm limiting inbound sip calls to one route only, and I've commented out the include from did direct in extensions_override_freepbx.conf to avoid any extension mapping or sending the incoming call to an unexpected context.

    [from-pstn]
    include => from-pstn-custom
    include => ext-did
    include => ext-did-post-custom
    ;include => from-did-direct
    include => ext-did-catchall
    exten => fax,1,Goto(ext-fax,in_fax,1)
     

Share This Page