Asterisk Hacked

Posted on 2014-07-15
Last Modified: 2015-03-23
They have a problem with our Asterisk server, we hacked the Elastix administrator account and created an extension and they made ​​calls to Cuba.

I need help to improve security beyond Good Practices for Protection Against PBX Security
Question by:WebserviceMX
    LVL 15

    Expert Comment

    So, if you have been hacked then you should rebuild by hand from bare metal --

    Your Firewall should prevent anyone outside your facility from accessing the GUIs.

    See some of the notes on the PBXinaFlash forum on security and the use of IPTables.

    LVL 1

    Accepted Solution

    Now a Days A lot of hacking attacks is going on using some script call mgtest.

    using the vtiger backdoor they are inserting code in to elastix server and making international call.

    You Can Use CSF(Central Security Firewall) A software based firewall to prevent anonymous attacks through public ip.

    Also Need to Block Port 80 and 5060 via public ip.

    Enable a anti-hack addons or Fail2ban in elastix it will send a mail if any one try to access you system.

    in sip.conf make allowguest=no

    In Elastix Turn off anonymous call advance settings.

    Also You Can Refer To This link

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
    Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now