On 10/17/13 23:06, John T. Bittner wrote:
Today I was hacked but caught it very quickly. This is the weird part,
they hacked an IP Auth based account by simply knowing the account name.
How is this possible? I am running Asterisk 11.5.0. Now it’s my fault I
used a dictionary based account name but how did they bypass the set ip
I had under the account for this host.
Any chance your sip peer was configured like this?
[accountname]
host=10.9.8.7
Without seeing your settings it's quite difficult to come up with
accurate possibilities of what happened.
The above example will allow *all* ip addresses with no password!.
Because there is no permit+deny (you need to use both)
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
