Re: [asterisk-users] Am I cracked?

2015-06-10 Thread Luca Bertoncello
Quoting Olivier oza.4...@gmail.com: 2015-06-08 22:35 GMT+02:00 D'Arcy J.M. Cain da...@vex.net: On Mon, 8 Jun 2015 22:24:33 +0200 Luca Bertoncello lucab...@lucabert.de wrote: Kevin Larsen kevin.lar...@pioneerballoon.com wrote: Basically, they are hoping that you are running the

Re: [asterisk-users] Am I cracked?

2015-06-10 Thread Luca Bertoncello
Quoting Keith Sloan kei...@vianet.ca: A J is 100% correct. People here are very helpful. Though you do not know who is just lurking and can cause some issues for you. I am willing to help, but you may find someone who focuses only on security, and would be a better asset. On 2015-06-10

Re: [asterisk-users] Am I cracked?

2015-06-10 Thread Olivier
2015-06-08 22:35 GMT+02:00 D'Arcy J.M. Cain da...@vex.net: On Mon, 8 Jun 2015 22:24:33 +0200 Luca Bertoncello lucab...@lucabert.de wrote: Kevin Larsen kevin.lar...@pioneerballoon.com wrote: Basically, they are hoping that you are running the equivalent of a mail server open relay.

Re: [asterisk-users] Am I cracked?

2015-06-10 Thread A J Stiles
On Wednesday 10 Jun 2015, Luca Bertoncello wrote: I'm very sorry to write that, but these answers are really NOT helpful... I searched two days long how can I check it and didn't find anything useful... Could someone suggest me a way to check if my Asterisk is an Open Relay that accept

Re: [asterisk-users] Am I cracked?

2015-06-10 Thread Keith Sloan
A J is 100% correct. People here are very helpful. Though you do not know who is just lurking and can cause some issues for you. I am willing to help, but you may find someone who focuses only on security, and would be a better asset. On 2015-06-10 08:06 AM, A J Stiles wrote: On Wednesday 10

Re: [asterisk-users] Am I cracked?

2015-06-10 Thread Dereck D
For such cases I created a dialplan in the default dialplan which blocks the IP of the hacker with iptables. On Monday, June 8, 2015, Luca Bertoncello lucab...@lucabert.de wrote: Hi list! Very strange... I ran the Asterisk CLI for other tasks, and suddenly I got this message: == Using

Re: [asterisk-users] Am I cracked?

2015-06-10 Thread Luca Bertoncello
Quoting Dereck D derec...@gmail.com: For such cases I created a dialplan in the default dialplan which blocks the IP of the hacker with iptables. That's interesting... Could you explain to me how you did it? Thanks Luca Bertoncello (lucab...@lucabert.de) --

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Kevin Larsen
Very strange... I ran the Asterisk CLI for other tasks, and suddenly I got this message: == Using SIP RTP CoS mark 5 -- Executing [000972592603325@default:1] Verbose(SIP/192.168.20.120-002a, 2,PROXY Call from 0123456 to 000972592603325) in new stack == PROXY Call from 0123456

[asterisk-users] Am I cracked?

2015-06-08 Thread Luca Bertoncello
Hi list! Very strange... I ran the Asterisk CLI for other tasks, and suddenly I got this message: == Using SIP RTP CoS mark 5 -- Executing [000972592603325@default:1] Verbose(SIP/192.168.20.120-002a, 2,PROXY Call from 0123456 to 000972592603325) in new stack == PROXY Call from

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread D'Arcy J.M. Cain
On Mon, 8 Jun 2015 13:19:53 -0700 (PDT) Steve Edwards asterisk@sedwards.com wrote: Look for address blocks (class A, B, C) that are allocated to geographic regions you do not have any providers. If you limit your 'attack surface' you make your security problem manageable. Get this file:

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread D'Arcy J.M. Cain
On Mon, 8 Jun 2015 22:24:33 +0200 Luca Bertoncello lucab...@lucabert.de wrote: Kevin Larsen kevin.lar...@pioneerballoon.com wrote: Basically, they are hoping that you are running the equivalent of a mail server open relay. They are trying to use you to dial out to another number. You

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Steve Edwards
On Mon, 8 Jun 2015, Kevin Larsen wrote: Better to fail and fix than to permit and pay for it later. That would make a great T-shirt: Deny and Fix vs Permit and Pay -- Thanks in advance, -

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Luca Bertoncello
Kevin Larsen kevin.lar...@pioneerballoon.com wrote: Based on SIP packets coming in from IP addresses you don't recognize, while you may not be hacked, you would seem to have people probing your I think, too, it's someone probing my IP... system. One thing you can do at the firewall level

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Steve Edwards
On Mon, 8 Jun 2015, Luca Bertoncello wrote: This is not really possible, since I'll login on my Asterisk from many Providers... many all So make a list of the 100 or so providers you have active accounts with. It's still way less than 'all.' Also, I'm willing to bet you won't be

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Kevin Larsen
OK, I set alwaysauthreject = yes and I discovered an allowguest, which I set to no, too. The PBX is behind a Firewall and I just allow UDP 5060 and 1-10100. Now I log the SIP packets coming from Internet, too... Hopefully I solved my problem... Make sure you have solved the problem. You

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Michelle Dupuis
To: Asterisk Users List Subject: [asterisk-users] Am I cracked? Hi list! Very strange... I ran the Asterisk CLI for other tasks, and suddenly I got this message: == Using SIP RTP CoS mark 5 -- Executing [000972592603325@default:1] Verbose(SIP/192.168.20.120-002a, 2,PROXY Call from 0123456

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Steve Edwards
On Mon, 8 Jun 2015, Michelle Dupuis wrote: You're definitely under attack (based on the 0123456 ID) so be sure to take preventative steps to avoid a $50k phone bill.. Don't enable 'auto-replenish' in your provider account and don't keep a balance you can't afford to lose. -- Thanks in

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Kevin Larsen
Make sure you have solved the problem. You don't want to get hit with a phone bill for calls from your location to Israel. Basically, they are hoping that you are running the equivalent of a mail server open relay. They are trying to use you to dial out to another number. You don't

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Luca Bertoncello
Kevin Larsen kevin.lar...@pioneerballoon.com wrote: Make sure you have solved the problem. You don't want to get hit with a phone bill for calls from your location to Israel. Basically, they are hoping that you are running the equivalent of a mail server open relay. They are trying to

Re: [asterisk-users] Am I cracked?

2015-06-08 Thread Mitul Limbani
As a practice, by default all the extensions you expose on the allowguest mode should lead inbound to your asterisk and should never pick any outbound trunk and dial out. Your best option is to remove all outbound extensions from the default context, move them to default2 and set default