[*] Ensure your VOIP install isn't compromised.
Jason Lee
jlee at omegaserv.com
Thu Dec 18 11:34:29 CST 2008
Saw this today:
http://www.winnipegfreepress.com/breakingnews/hacker_makes_costly_calls.html
In this case I'm not sure if asterisk was used (no reference to
equipment) but it is a reminder of the costs that can be racked up if
your phone system is compromised. And don't think it doesn't happen
often. I've seen it a few times lately.
And I just wanted to remind everyone to make sure your taking steps to
prevent your voip installation from being compromised. These include
using a RFC 1918 ip addresses for your voip pbx and phones when
possible, placing your voip phones and pbx on a separate VLAN if
possible, using secure passwords for all sip and iax communications,
using ssh keys or secure passwords for user accounts on your phones and pbx.
Also you can block routes in your dialplan that you don't use. For
instance.
Instead of sending everything to your ITSP. Only send:
1204NXXXXXX or 1NXXNXXXXXX
or if you do call the UK send.
01144.
or if you call several international areas and don't want to add them
all in separately. block high cost routes that you don't call such as cuba.
exten => _01153.,1,Congestion()
--
Regards,
Jason Lee
OmegaServ
jlee at omegaserv.com
204-480-1238 Direct Line
866-664-7786 ext 200 Toll Free
204-480-3374 ext 200 Winnipeg
403-538-7786 ext 200 Calgary
http://www.omegaserv.com
*************************************************************************
OmegaServ has been providing quality webhosting and domain services at affordable prices since 2004. Webhosting starting @ $5/month and Domains starting @ $10/year. Check our site at www.omegaserv.com for more details. *************************************************************************
More information about the Asterisk
mailing list