[ILUG] Asterisk security
gmccullagh at gmail.com
Mon Nov 8 12:58:50 GMT 2010
On Mon, 08 Nov 2010, Kevin Brennan wrote:
> It's easy to run up a 5K bill over a weekend (I have seen it happen).
It's a good idea to raise this. I've seen similar scanning quite a lot.
> Here's a few tips to keeping your install safe
> - change your sip port from default 5060 to something different,
> 5060 is constantly scanned
Is this an option if you take incoming SIP calls?
> - don't use extensions that are easy to guess (like 1000 - scanners
> tend to count from 0 to 9999)
Do you mean extensions or usernames? If one has physical VoIP handsets,
numeric extensions are hard to get away from. The username can be
alphanumeric though, while the extension is still purely numeric.
More information about the ILUG