返回列表 發帖
bubblestar

Rank: 1
1# 跳轉到 »
發表於 2010-9-2 09:19 | 顯示全部帖子
I am certain that hackers will change thier IPs frequently to invade their target system, not necessary using their own IP but making use of other innocent IP ranges on purpose resulting in  DoS (Denial of Service).

On the other hand, your log blacklist may become larger and larger someday later that will  also create certain degree of burgen on your own system.

Anyhow, doing something is better than doing nothing, at least in this stage.  

TOP

bubblestar

Rank: 1
2#
發表於 2010-9-2 15:35 | 顯示全部帖子
Cool !  Thanks for the information.  It sounds very simple to set up.  Hope it is effective.

TOP

bubblestar

Rank: 1
3#
發表於 2010-9-2 15:43 | 顯示全部帖子
Taking IP-01 as an example, I found its "älwaysauthreject=yes" already a default.  It means that what I need to do is to change "ällowguest=no".

TOP

bubblestar

Rank: 1
4#
發表於 2010-9-10 14:55 | 顯示全部帖子
本帖最後由 bubblestar 於 2010-9-10 15:18 編輯

Protect your IPPBX with IPtables is Rule #1 in 10 Rules You Should Follow

TOP

bubblestar

Rank: 1
5#
發表於 2010-10-27 11:10 | 顯示全部帖子
本帖最後由 bubblestar 於 2010-10-27 11:16 編輯

Securing Asterisk

"The Asterisk source contains a very important file named SECURITY, which outlines several steps you should take to keep your Asterisk systemsecure. It is vitally important that you read and understand this file. If you ignore the security precautions outlined there, you may end up allowing anyone and everyone to make long-distance or toll calls at your expense!"
  1. Create a user account that will be used to run Asterisk: adduser --system --no-create-home --home /var/lib/asterisk --shell /bin/false asterisk
  2. vim /etc/init.d/asterisk

  4. #Uncomment those lines
  5. AST_USER="asterisk"
  6. AST_GROUP="asterisk"
  7.   
  8. mkdir /var/run/asterisk
  9. chown asterisk.asterisk /var/run/asterisk  
  10. vim /etc/asterisk/asterisk.conf

  12. astrundir => /var/run/asterisk
  13.   
  14. chown -R asterisk.asterisk /etc/asterisk
  15. chown -R asterisk.asterisk /usr/lib/asterisk
  16. chown -R asterisk.asterisk /var/log/asterisk
  17. chown -R asterisk.asterisk /var/spool/asterisk
  18. chown -R asterisk.asterisk /var/lib/asterisk
  19. chown -R asterisk.asterisk /dev/zap/pseudo
  20. Launch Asterisk in debug mode to check that it loads OK:

  22. asterisk -U asterisk -G asterisk -cvv
  23.   
  24. CTRL-C to close
複製代碼
該網站說這個調教對ATERISK 的保安是非常重要,說不可不知,但不知是否真的有效,信者不妨一試。

TOP

返回列表