On Monday 28 Feb 2011, Steven Howes wrote: > 'asterisk security' is a misleading subject line. Guessing someone just > scanned some IP addresses and made calls. You need what's called a > 'firewall'.
Well, assuming you're on Linux then you've already *got* a firewall. Just add some iptables rules to admit only traffic from places it should be coming from. This is a separate subject in its own right. There are various GUI front ends available for configuring iptables, if you prefer. > On 28 Feb 2011, at 10:33, Rizwan Hisham wrote: > > My guess is that someone has been sniffing my server's sip traffic. In > > that case what should i do to get rid of the sniffers? > > It's hard to sniff without being on a network. Most likely they brute > forced something?.. Get a firewall, and something to look for brute force > attacks. Agreed; packet-sniffing would most probably have to have been an inside job, as packets not meant to leave your network don't -- *unless* you've got a wireless network, in which case they go everywhere the radio waves will take them. Your wireless AP ought to have its own iptables (yes, iptables: most of them run Linux) rules that you can configure through its web page, so as not to let anything telephonical go over wi-fi. -- AJS Answers come *after* questions. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
