電訊茶室 - Powered by Discuz! Board

標題: Attacks from Hackers [打印本頁]

作者: ckleea 時間: 2010-8-4 23:04 標題: Attacks from Hackers

本帖最後由 ckleea 於 2010-8-10 17:35 編輯

I have been attracked in the last few days from '219.117.232.107'
Any suggestion to prevent?

作者: ckleea 時間: 2010-8-4 23:06

Another one from 41.64.217.63

作者: ckleea 時間: 2010-8-4 23:08

One from Japan, one from Egypt

作者: 角色 時間: 2010-8-4 23:16

I do not know the way unless your have a very strong password.

YH

作者: yiucsw 時間: 2010-8-4 23:58

我想问一下，要是换5060 到其他Port -》10002 会不会好点？

作者: 角色 時間: 2010-8-5 00:58

Yes, agree.

YH

作者: bubblestar 時間: 2010-8-5 09:16

Port 10020 不是已經給ET263佔用了嗎? 除非你不使用ET263服務，否則用其它會不會更好呢!?

作者: alang 時間: 2010-8-6 12:57

fail2ban 是個不錯的保護套件。

作者: ckleea 時間: 2010-8-6 14:24

I can install in my centos server but how about IP01.

作者: ckleea 時間: 2010-8-10 15:37

There were attacks again. It is from an IP address of DNS server. Rapid scanning using extensions from 0 to 9999

作者: 角色 時間: 2010-8-10 16:15

本帖最後由角色於 2010-8-10 16:35 編輯

That is why our password must not be so simple, it should include letters and numbers.

YH

作者: ckleea 時間: 2010-8-10 16:19

Is it possible to use a longer user name like commerically available SIP account?

作者: 角色 時間: 2010-8-10 16:39

In fact Asterisk does allow letters for extension but use number for convenience. So the hacker must start with number and try simple password hacking for each password. If our password is composed of 8 alphanumerical digits or more. It should be okay.

YH

作者: 角色 時間: 2010-8-10 17:14

How about other members? What is the length and the format of your password in the extension password?

By the way, the root password must be very long enough otherwise it would be very easily hacked. Mine is a 13-alphanumerical digits.

YH

作者: ckleea 時間: 2010-8-10 17:35

In fact Asterisk does allow letters for extension but use number for convenience. So the hacker must ...
角色發表於 2010-8-10 16:39

How to change to alphanumeric user extensions or login in alphanumeric but keep user extension as numerical?

作者: ckleea 時間: 2010-8-11 06:42

Don't know if i configure sip domains can help?

http://www.smartvox.co.uk/astfaq_sip_domains.htm

作者: bubblestar 時間: 2010-8-11 10:43

應該會有一定作用。但未必能防止對方亂撞，當然機會少了很多。

另一方面它也會局限了使用上的彈性，即是只能為預設的DOMAIN提供服務。如果我要給你掛電話，便可能造成不便。不過也真正做到了 Private Branch Exchange 中的 Private 了。

作者: Qnewbie 時間: 2011-12-19 06:50

[Dec 18 20:58:49] NOTICE[353]: chan_sip.c:16457 handle_request_register: Registration from '"Darkman" <siparkman@myipaddress>' failed for '96.44.146.48' - No matching peer found

Another attack type with "faked" ip address(using my ip address) to break into my asterisk server. 82 trials per second, which droves my little IP01 to 50% CPU power

I need a better firewall to drop those meaningless attacks!!!

作者: ckleea 時間: 2011-12-19 06:52

回復 18# Qnewbie

Only way to try is to have stronger firewall set at router and very stron username/password.

作者: bubblestar 時間: 2011-12-19 08:51

If you guys have time, you may refer to the tutorial in BackTrack as below to see whether your VoIP system is strong enough or too vulerable to resist attack.

http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP

歡迎光臨電訊茶室 (http://www.telecom-cafe.com/forum/)