Toll fraud on poorly protected Asterisk servers seems to have mushroomed in the last 12 months. I constantly see evidence of scanning and brute force password guessing attempts on port 5060 of many different servers and PBX's.
If you operate a Trixbox or any Asterisk based PBX then you urgently need to review how secure it is and make sure you have not left any gaps in your defences. Failure to do so could leave you with an astronomical phone bill and very little, if any, redress.
Learn about the vulnerabilities and how to protect your Asterisk based PBX by reading my three part article:
How secure is your Asterisk PBX? Part 1
How secure is your Asterisk PBX? Part 2
How secure is your Asterisk PBX? Part 3
If you find the articles useful, please pass the link on.
Subscribe to:
Post Comments (Atom)
Digium now recommends not using fail2ban (check their postings on mailing list). We have switch to SecAst (www.generatoind.com) - the free version is a good step up for anyone. Nice article!
ReplyDeleteThe correct URL for SecAst is www.generationd.com.
DeleteIn my opinion, the pricing for SecAst looks high. fail2ban was/is open source.
There are now some hardware devices available which can be used to help protect an Asterisk PBX, although they cannot handle very large volumes of calls. e.g. Pika uFirewall and Allo Shield STM.