Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 805
  • Last Modified:

Protect asterisk from hack ???

Dear all

iam using elastix 2.0 and iam asking about the best ways to protect my machine from hacking , really my server many times has been hacked . i made fall2ban and also tls my server now works with the two is these enough to protect my elastix or you have any other more things that can help me against hack
0
tahasip
Asked:
tahasip
  • 2
1 Solution
 
luc_royCommented:
this should be good enough.  Are you protecting it from inside hackers or outside hackers.  If it's from outside hackers make sure you also have the SIP ports closed on your firewall.
0
 
DrDamnitCommented:
Read my article: Hacker's Guide to Being Hacked: http://www.experts-exchange.com/Networking/Security/A_3582-Hackers-Guide-to-Being-Hacked-How-Bad-Guys-Take-Control-and-How-to-Take-it-Back.html

Also, your SIP passwords for accounts should be good, strong passwords. Personally, I use pwgen to generate them, and then populate the sip.conf file with those passwords. For more information on choosing good passwords, see my other article:

http://www.experts-exchange.com/Networking/Security/A_3640-What-s-the-Password-How-to-Create-Easy-to-Use-Strong-Passwords-to-Protect-Your-Important-Stuff.html

fail2ban is an important measure, but you need to make sure you have implemented all the steps in that article as well.

How were your boxes hacked before?
0
 
tahasipAuthor Commented:
i donot know how but suddenly i found all my charge in my trunk are gone and found many calls to too much cost country at about i minute equal 1 doler and no one before call this country the calls semed to done or generated by program and sequence this mean that he was registered by extension and used that trunk .
0
 
DrDamnitCommented:
Your hack attack sounds like the normal attack. Follow the instructions in those articles I gave you, and it should adequately protect you from a future attack. Additionally, you need to watch the asterisk bugs list (lists.digium.com) for vulnerabilities, and update your software frequently to each stable branch or trunk version.

In addition to the article above, make sure that everyone has good voicemail passwords. There was a bug at one point, which has since been fixed, that allowed an attacker to call into a voicemail number, get to the voicemail application, and then start making calls. But, as long as you don't have a direct dial to your voicemail for external callers to get to voicemail, then you should be ok.

If you need people to be able to get their voicemails from outside the office, then give it a full extension, not just # during a menu.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now