How can I tell from /var/log/asterisk/cdr-csv/Master.csv if a call was made
using one of my existing asterisk accounts or was made from a DID that my VOIP
provider furnishes. The provider is claiming that my server was brute force
attacked. I think that my extensions.conf file had a hole in it which allowed
someone to dial the DID number and then dial out. I'm pretty sure of the DID
weakness and just wasn't aware that someone has got a hold of it. But is my
asterisk server has been compromised, that would surprise me.
My asterisk server is behing a firewall natd server. I only have a few user
accounts on it and the passwords for them are very cyrptic. I don't doubt
anything these days but I'm just not sure how to confirm how the hackers are
getting in.
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
Asterisk-BSD mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-bsd
