Asterisk: The Definitive Guide, 5th Edition

by Jim Van Meggelen, Russell Bryant, Leif Madsen
June 2019
Content level: Intermediate to advanced
412 pages
11h 4m
English
O'Reilly Media, Inc.

Chapter 22. Security

We spend our time searching for security and hate it when we get it.

John Steinbeck

Security for your Asterisk system is critical, especially if the system is exposed to the internet. There is a lot of money to be made by attackers in exploiting systems to make free phone calls. This chapter provides advice on how to provide stronger security for your VoIP deployment.

Scanning for Valid Accounts

If you expose your Asterisk system to the public internet, one of the things you will almost certainly see is a scan for valid accounts. Example 22-1 contains log entries from one of the authors’ production Asterisk systems. This scan began with checking various common usernames, then later went on to scan for numbered accounts. It is common for people to name SIP accounts the same as extensions on the PBX. This scan takes advantage of that fact.

Tip

Use non-numeric usernames for your VoIP accounts to make them harder to guess. For example, in this book we use the MAC address of a SIP phone as its account name in Asterisk.

Example 22-1. Log excerpts from account scanning
[Aug 22 15:17:15] NOTICE[25690] chan_sip.c: Registration from '"123"<sip:123@127.0.0.1>' failed for '203.86.167.220:5061' - No matching peer found
[Aug 22 15:17:15] NOTICE[25690] chan_sip.c: Registration from '"1234"<sip:1234@127.0.0.1>' failed for '203.86.167.220:5061' - No matching peer found
[Aug 22 15:17:15] NOTICE[25690] chan_sip.c: Registration from '"12345"<sip:12345@127.0.0.1>' failed for '203.86.167.220:5061' ...
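
A scan like the one in Example 22-1 can be detected from the log itself by counting how many distinct account names each source address failed to register. The following is an added example, not code from the book: the function name, the threshold, and the sample log lines (documentation addresses, hypothetical accounts) are assumptions, and it expects IPv4 sources in the chan_sip message format shown above.

```python
import re
from collections import defaultdict

# chan_sip registration-failure notice, in the format shown in Example 22-1.
# Assumes an IPv4 source address.
FAIL_RE = re.compile(
    r"\[[^\]]+\] NOTICE\[\d+\] chan_sip\.c: Registration from '(?P<hdr>.*)' "
    r"failed for '(?P<ip>[^':]+):\d+' - (?P<reason>.+)$"
)
USER_RE = re.compile(r"<sips?:(?P<user>[^@>]+)@")


def find_account_scans(lines, min_names=3):
    """Map each source IP that tried at least min_names distinct account
    names to the names it tried and the subset that exist on the PBX."""
    tried = defaultdict(set)
    exists = defaultdict(set)
    for line in lines:
        m = FAIL_RE.search(line.strip())
        u = USER_RE.search(m.group("hdr")) if m else None
        if not u:
            continue  # not a registration failure, or no SIP URI in the header
        ip, user = m.group("ip"), u.group("user")
        tried[ip].add(user)
        # "Wrong password" means the name matched a configured peer, so the
        # scanner has found a real account whose password now matters.
        if m.group("reason").startswith("Wrong password"):
            exists[ip].add(user)
    return {
        ip: {"tried": sorted(names), "existing": sorted(exists[ip])}
        for ip, names in tried.items()
        if len(names) >= min_names
    }


# Constructed sample input: one scanning source and one phone with a bad password.
SAMPLE_LOG = """\
[Aug 22 15:17:15] NOTICE[25690] chan_sip.c: Registration from '"123"<sip:123@192.0.2.1>' failed for '198.51.100.23:5061' - No matching peer found
[Aug 22 15:17:15] NOTICE[25690] chan_sip.c: Registration from '"1234"<sip:1234@192.0.2.1>' failed for '198.51.100.23:5061' - No matching peer found
[Aug 22 15:17:16] NOTICE[25690] chan_sip.c: Registration from '"100"<sip:100@192.0.2.1>' failed for '198.51.100.23:5061' - Wrong password
[Aug 22 15:18:02] NOTICE[25690] chan_sip.c: Registration from '<sip:0000FFFF0001@192.0.2.1>' failed for '203.0.113.9:5060' - Wrong password
[Aug 22 15:18:32] NOTICE[25690] chan_sip.c: Registration from '<sip:0000FFFF0001@192.0.2.1>' failed for '203.0.113.9:5060' - Wrong password
""".splitlines()

if __name__ == "__main__":
    for ip, info in find_account_scans(SAMPLE_LOG).items():
        print(ip, info)
```

The phone at 203.0.113.9 fails repeatedly but only ever as one account name, so it is not reported as a scan; the "existing" list shows which numeric names the scanner hit, which is the exposure the Tip above is meant to reduce.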
ISBN: 9781492031598