On 18 Oct 2013, at 04:06, John T. Bittner <j...@xaccel.net> wrote:
> Today I was hacked but caught it very quickly. This is the weird part, they
> hacked an IP Auth based account by simply knowing the account name.
>
> How is this possible? I am running Asterisk 11.5.0. Now it’s my fault I used
> a dictionary based account name but how did they bypass the set ip I had
> under the account for this host.
Did the IP show under sip show peer xxx? If it's realtime it's possible to set
it and need to prune it / sip reload.
Steve
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
