Author Topic: Asterisk hacked  (Read 4290 times)

m3freak

  • Veteran
  • ***
  • Posts: 125
    • View Profile
Re: Asterisk hacked
« Reply #15 on: February 20, 2012, 04:59:50 am »
This little lesson has taught me that what is installed default in lmce is a real security nightmare...

It's the reason why I refused to make LinuxMCE my home network's gateway/firewall.  LMCE is a big beast and I don't know enough about it to trust it.

bongowongo

  • wants to work for LinuxMCE
  • **
  • Posts: 826
    • View Profile
Re: Asterisk hacked
« Reply #16 on: February 20, 2012, 06:45:06 am »
It's the reason why I refused to make LinuxMCE my home network's gateway/firewall.  LMCE is a big beast and I don't know enough about it to trust it.


I have the same, so how can we catagorize or solve this problem?

m3freak

  • Veteran
  • ***
  • Posts: 125
    • View Profile
Re: Asterisk hacked
« Reply #17 on: February 20, 2012, 03:51:27 pm »
I have the same, so how can we catagorize or solve this problem?

I've been working with Asterisk for over 7 years, but I haven't done an actual dial plan config for 5!  I don't know how many of the old ways to lock down the system would still work.  I think I still remember enough to understand the various options so I'm not worried about having an insecure setup (whenever I get to it).

What I used to run was solid.  I remember seeing attempts at cracking the PBX. My dial plan was built in such a way it prevented random people from gaining access to long distance.

I think joining the Asterisk mail list might be a good option.  Failing that, research, research, and study until you drop.  It'll be the only to understand how Asterisk is configured and how to change it.

Question: does LinuxMCE use plain old Asterisk, or a bunch of different apps that help administrating an Asterisk system easier?  I haven't looked into LinuxMCE's telephony feature set, at all.

posde

  • Administrator
  • LinuxMCE God
  • *****
  • Posts: 3445
  • Wastes Life On LinuxMCE Since 2007
    • View Profile
    • My Home
Re: Asterisk hacked
« Reply #18 on: February 21, 2012, 02:08:52 pm »
We use plain Asterisk. The configuration up to 810 is done using freepbx scripts called by various LinuxMCE scripts. In 1004 we are using realtime database controlled directly by our scripts.
Currently on my way in the North Eastern United States - If I helped you, feel free to buy me a coffee: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2VKASZLTJH7ES