Author Topic: Stop asterisk from being hijacked  (Read 10706 times)

dlewis

  • Guru
  • ****
  • Posts: 401
    • View Profile
Re: Stop asterisk from being hijacked
« Reply #15 on: May 03, 2009, 08:59:22 pm »
I've added an entry to /etc/hosts.allow for Asterisk and it seems to get the job done:

Code: [Select]
asterisk : proxy01.sipphone.com : allow
asterisk : 192.168.80. : allow
asterisk : localhost : allow
asterisk : ALL : deny

Before, I was able to easily connect the N800 SIP phone app from any external network and make dialed calls using default extension info (for example: 200,200). Now I can at least limit that access to specific hosts (or none at all) but I'm not sure if there are any security loopholes still open. Am I missing anything obvious by not trying to upgrade FreePBX and locking it down there?

Good points Thom... LegoGT, please still make the trac entry with the notes/comments referenced by myself and Thom.

LegoGT

  • Regular Poster
  • **
  • Posts: 29
    • View Profile
    • Medium Rare Brain
Re: Stop asterisk from being hijacked
« Reply #16 on: May 04, 2009, 02:08:12 am »
I've added an entry to /etc/hosts.allow for Asterisk and it seems to get the job done:

Code: [Select]
asterisk : proxy01.sipphone.com : allow
asterisk : 192.168.80. : allow
asterisk : localhost : allow
asterisk : ALL : deny

Before, I was able to easily connect the N800 SIP phone app from any external network and make dialed calls using default extension info (for example: 200,200). Now I can at least limit that access to specific hosts (or none at all) but I'm not sure if there are any security loopholes still open. Am I missing anything obvious by not trying to upgrade FreePBX and locking it down there?

Good points Thom... LegoGT, please still make the trac entry with the notes/comments referenced by myself and Thom.

No problem. I'll add it tonight.
A brain dump of my neverending projects: http://MediumRareBrain.com

dlewis

  • Guru
  • ****
  • Posts: 401
    • View Profile
Re: Stop asterisk from being hijacked
« Reply #17 on: May 04, 2009, 03:12:07 pm »
A reason why we should work on the security of our asterisk installation:

http://www.usken.no/2009/03/26/get-the-password-from-any-sip-device-its-fully-possible/

Linksys SPA2102 is one of the devices they successfully penetrated.

tschak909

  • LinuxMCE God
  • ****
  • Posts: 5549
  • DOES work for LinuxMCE.
    • View Profile
Re: Stop asterisk from being hijacked
« Reply #18 on: May 04, 2009, 03:15:33 pm »
oh _yeah_

-Thom

LegoGT

  • Regular Poster
  • **
  • Posts: 29
    • View Profile
    • Medium Rare Brain
Re: Stop asterisk from being hijacked
« Reply #19 on: May 04, 2009, 05:11:03 pm »
This was my first submission to Trac so be easy on me! I think it's in there correctly (http://svn.linuxmce.org/trac.cgi/ticket/188) but let me know if I missed something so I can do it properly next time.
A brain dump of my neverending projects: http://MediumRareBrain.com