I have been noticing in my /var/log/asterisk/messages file that some a**holes
are trying to break in to my asterisk server. They are using some kind of brute
force method that tries every four-digit and three-digit extension available.
Of course, they don't get in because the passwords used for my accounts are
very cryptic. I'm not saying that's the only reason they don't get in, but it's
probably the main reason they don't.
What is especially disturbing about this is that when trying every possible
four-digit combination they seem to be able to zero in on the one four-digit
user account that is on my asterisk server and then start brute forcing
different passwords to access the server. Once again, I want to state my sincere
belief that there are so many wonderful challenges in this world to occupy
one's time that I just don't understand the criminal or mischievous minds that
want to take advantage of others. Still, these a**holes are out there and will
always be trying something.
My questions are:
1. How do they seem to zero in on the one valid user account that is present on
my server?
2. Is asterisk really that insecure?
3. My asterisk server is behind my firewall and I do port forwarding to allow
access from outside users, like me from my office. I guess I'm going to have to
lock down the asterisk ports only from certain IP addresses but that will limit
my use when I'm traveling.
Any security suggestions would be appreciated. But even more would be some way
to thwart these a**holes and send them packing.
Asterisk-BSD mailing list
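
An added example, not part of the original post: a log triage script that separates the two phases described above (a sweep over extensions, then repeated password attempts against one account) per source address. It assumes chan_sip's "Registration from ... failed for ..." NOTICE lines with the reasons "No matching peer found" and "Wrong password" and IPv4 sources; the sample lines, addresses, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed chan_sip NOTICE wording; adjust the pattern to match your own log.
FAIL = re.compile(r"Registration from '(?P<frm>[^']*)' failed for "
                  r"'(?P<ip>[^':]+)(?::\d+)?' - (?P<reason>.+)$")
EXT = re.compile(r"sip:([^@>;]+)@")

def triage(lines, scan_min=3, guess_min=3):
    """Return {ip: {"unknown": set, "wrong_pw": {ext: count}, "flags": list}}."""
    seen = defaultdict(lambda: {"unknown": set(), "wrong_pw": defaultdict(int)})
    for line in lines:
        m = FAIL.search(line)
        if not m:
            continue  # not a failed-registration line
        e = EXT.search(m["frm"])
        ext = e.group(1) if e else "?"
        rec = seen[m["ip"]]
        if "No matching peer" in m["reason"]:
            rec["unknown"].add(ext)       # extension does not exist
        elif "Wrong password" in m["reason"]:
            rec["wrong_pw"][ext] += 1     # extension exists, bad secret
    report = {}
    for ip, rec in seen.items():
        flags = []
        if len(rec["unknown"]) >= scan_min:
            flags.append("extension-scan")
        if any(n >= guess_min for n in rec["wrong_pw"].values()):
            flags.append("password-guessing")
        report[ip] = {"unknown": rec["unknown"],
                      "wrong_pw": dict(rec["wrong_pw"]), "flags": flags}
    return report

def _line(ext, ip, reason):  # builds one constructed sample log line
    return (f"[Jan  1 03:12:01] NOTICE[1234] chan_sip.c: Registration from "
            f"'\"{ext}\" <sip:{ext}@192.0.2.10>' failed for '{ip}' - {reason}")

# Constructed sample: one source sweeps extensions then hammers 1001;
# another source mistypes a password once and should not be flagged.
SAMPLE = ([_line(e, "203.0.113.7", "No matching peer found")
           for e in ("100", "101", "102", "1000")]
          + [_line("1001", "203.0.113.7", "Wrong password")] * 3
          + [_line("1001", "198.51.100.20", "Wrong password"),
             "[Jan  1 03:13:00] VERBOSE[1234] logger.c: unrelated line"])

if __name__ == "__main__":
    for ip, info in triage(SAMPLE).items():
        print(ip, info["flags"], sorted(info["unknown"]), info["wrong_pw"])
```

To run it on a real log, pass `open("/var/log/asterisk/messages")` to `triage` in place of `SAMPLE`.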