Asterisk security has always been a big concern. I am sure most of asterisk pros have taken care of these type of attacks. For non pros I am sharing a shell script here.
http://www.didforsale.com/blog/?p=253 If you care feel free is use it. -Jai On Tue, Nov 2, 2010 at 9:27 AM, Cary Fitch <ca...@usawide.net> wrote: > > > -----Original Message----- > From: asterisk-users-boun...@lists.digium.com > [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of jon pounder > Sent: Tuesday, November 02, 2010 10:24 AM > To: asterisk-users@lists.digium.com > Subject: Re: [asterisk-users] FW: Under heavy attack > > > > > > I'm still on old-fashion copper-wire and "have yet to experience the joy" > of > > SIP Trunk-"ing" and the type of issues discussed in this thread. My > thought > > to share here is that outgoing calls should be "easy" for thoroughly > > authenticated users and impossible for others... > > > > Probably more can-o-worms than help. Sorry if this is so. > > > > > > > > nothing new here, this is just the digital equivalent of a wats line > with a weak access code for outbound access. > the difference is code guessing can be a lot more aggressive now, and > finding the inbound path is simpler. > > ================== > > Each system needs to be configured according to its purpose and needs. > Simply these are phone systems, not e-mail or web servers. You may want to > be able to get mail from (almost) anywhere in the world, same for web > services. > > But for a phone system you may have very different needs. One can > visualize > the differences between a national or international VOIP provider, a 4 > person office in Little Rock, AR, a local SIP provider in Houston, TX and > an > international sales company with offices in Rome Italy. > > A small sip system used with an upstream VOIP provider should be invisible > to 99.9999% of the world's population. (Excepting any other trusted peers.) > > If there was a wide spread peering network and an individual system > wanted/needed to access and be accessed like email then it would be a > different world. We could all be robo-call spammed just like email. :-( > > But leaving small systems open for attack from 99.9999 percent of the world > is just begging for trouble. > > Cary Fitch > > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users