James,
We have found with out users that some of them put the phones on public IP's. If the default password is not changed, no matter how hard the password is they will get in. Also try using characters like "@:^#" in your passwords. Regards, Dovid _____ From: users-boun...@lists.opensips.org [mailto:users-boun...@lists.opensips.org] On Behalf Of aws j Sent: Thursday, February 02, 2012 06:08 To: OpenSIPS users mailling list Subject: Re: [OpenSIPS-Users] SIP Authentication Attacks Dear Mr James Can you attached to me your suspect file to make VoIP forensic on it . thanks Aws Msc VoIP security 2012/2/1 James Lamanna <jlama...@gmail.com> Hi, I've noticed lately that a server of mine is getting repeatedly hit by an attacker trying to make international calls. The scary part is that the attacker seems to be able to register correctly on different extensions, even though each extension has a different, random password. I'm not sure how the attacker is getting the passwords or if there's a man-in-the-middle attack going on, but I would like some suggestions on how to increase the security of SIP authentication in opensips. I could enforce security through IP addresses, but I fear that will become quite cumbersome. Thanks. -- James _______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users