Cody Alderson wrote:
Hi,
I am connected to CNET (Collector's Network)
In reality The Collectors Network is not a true network with a constant
connection. There is a reference point that provides the called node's IP
address from a dialed number. In the US it is 1+NXX-XXXX. Once the number to IP
is resolved, it is peer to peer. Inbound calls are not authenticated, use the
IAX protocol, and are rejected if the called number doesn't match along with a
specified context
and have one incoming VoIP line running in Astlinux.
What provider and what protocol?
I use voip.ms and the IAX protocol and have no issues with attempts.
I do NOT use SIP on the WAN and have no SIP related ports open on my router
Your older HP5720 is a good match for AstLinux, and there are more than 30
nodes on the Collectors network using these thin clients without any extra
security measures.
Suggestions:
Make sure your passwords are changed and strong.
Your ( external ) router is your first line of defense!
IF you have SSH open on your router, use a non standard port. Open it only when
someone is helping you with configurations. Same with https port 443
Don't have 5060 open on your router. If you are using a PSTN provider that only
supports SIP, you will register to them and will not need a port open
IAX is not more secure than SIP but is seldom if ever the target of an attack
John Novack
Outgoing calls over the VoIP number have been redundantly disabled in Asterisk
and at the VoIP service providers setup options. My Astlinux is constantly
bombarded with attempts to get in by unauthorized users. I currently have
Adaptive Ban enabled, and, with help already received here, have set the system
to keep a record of the IP addresses for the bans to persist after a reboot.
I was wondering what other security I should implement. Keep in mind that the
box is an older HP thin client, but the traffic is very minimal. I get a lot
more traffic trying to break in than the box needs to handle for legitimate
use. :)
If you suggest enabling another security feature, would you be so kind as to
point me to some instructions on configuring it?
Thank you in advance,
-Cody
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
--
Dog is my Co-pilot
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
