
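Is my Lu-Lu-class Asterisk server at my old home in Hong Kong under attack??

I recently received an email from my VSP (PennyTel of Australia) saying they are going to freeze my account, because they suspect that my Lu-Lu-class Asterisk server (ATCOM IP01) has been attacked by a hacker. Please see the cut-and-paste of the English email below.

Have any of you C-Hings had this experience?? Could you share it??

Is there any way to prevent hackers from attacking my Asterisk server??

Luckily, my VSP account only had a balance of a few dollars, so I did not lose anything.

Anyway, our PSTN lines in Hong Kong are on a flat monthly fee. If a hacker wants to use my Hong Kong PSTN line, just tell me, there is no need to hack. I will open an account for you for free.
Why are there so many bored people doing these pointless things? Anyone who knows how to hack an Asterisk server must be an Asterisk expert... Why not do something charitable that benefits society for the many fellow sufferers, instead of using their Asterisk skills for this meaningless hacking????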

+++++++++++  Line-Of-Cut-n-Paste +++++++++++++++++++++

Dear Customer,

We are receiving unusual call attempts to Prime Destinations (Poland, Myanmar, Mauritania, Latvia, Guinea, Congo, Somalia, North Korea, etc.) from account 888919XXXX, using iPox with IP from 218.103.2XX.XXX.

The unusual call pattern (even though not connecting) could indicate that the PBX server could be compromised. To prevent any further damage, we have suspended the account.

Tech blogs and IP PBX Users mailing lists worldwide are reporting a large spate of SIP based attacks against their VoIP servers, where the network activity shows tens of thousands of brute force attempts to guess usernames and passwords of SIP clients. Successful attackers obtaining SIP registration logins then make thousands of dollars worth of unauthorized calls, usually to premium destinations. We strongly advise you to update all logins (web/ssh) on the Asterisk server as well as the PennyTel VoIP and web password.

The following link provides some useful precautions that can be followed for Asterisk/3CX based systems, or any SIP voice switch that allows registration from dynamic IP addresses.

Asterisk
http://blogs.digium.com/2009/03/28/sip-security/

3CX
http://www.3cx.com/blog/voip-howto/securing-hints/

Please don't disregard this email if you have deployed Asterisk or 3CX.

Thank you.


Regards,


PennyTel Team

For IP01 with official firmware, you might (just my opinion):
1. Set "Allow guest calls" in the SIP settings to No!!!
2. Passwords for users should be 12~16 mixed "random" characters.
3. Outgoing calling rules should exclude "Prime Destinations".


Reply to 2# Qnewbie

It is what everyone should practise.

Besides, if you need to set up IDD, add an auth PIN as well for further security.

Also restrict access to only the few users who really need it.

Lastly, check your log from time to time to look for unusual messages, and update your security.
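
The log check suggested above, as an added example that is not part of the original thread: a Python sketch that counts failed SIP registrations per source address and separates extension scanning from password guessing against one extension. The log lines are constructed, the line format is assumed to be the usual chan_sip failed-registration NOTICE, and the thresholds are illustrative assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines (not from the thread), in the style of chan_sip
# NOTICE messages; all addresses are from documentation ranges.
SAMPLE_LOG = """\
[2010-06-01 03:12:01] NOTICE[1840] chan_sip.c: Registration from '"100" <sip:100@192.0.2.10>' failed for '203.0.113.7' - No matching peer found
[2010-06-01 03:12:01] NOTICE[1840] chan_sip.c: Registration from '"101" <sip:101@192.0.2.10>' failed for '203.0.113.7' - No matching peer found
[2010-06-01 03:12:02] NOTICE[1840] chan_sip.c: Registration from '"102" <sip:102@192.0.2.10>' failed for '203.0.113.7' - No matching peer found
[2010-06-01 04:40:10] NOTICE[1840] chan_sip.c: Registration from '"201" <sip:201@192.0.2.10>' failed for '198.51.100.23' - Wrong password
[2010-06-01 04:40:10] NOTICE[1840] chan_sip.c: Registration from '"201" <sip:201@192.0.2.10>' failed for '198.51.100.23' - Wrong password
[2010-06-01 04:40:11] NOTICE[1840] chan_sip.c: Registration from '"201" <sip:201@192.0.2.10>' failed for '198.51.100.23' - Wrong password
[2010-06-01 04:40:11] NOTICE[1840] chan_sip.c: Registration from '"201" <sip:201@192.0.2.10>' failed for '198.51.100.23' - Wrong password
[2010-06-01 09:05:30] NOTICE[1840] chan_sip.c: Registration from '"201" <sip:201@192.0.2.10>' failed for '192.0.2.50' - Wrong password
[2010-06-01 09:05:44] NOTICE[1840] chan_sip.c: Peer '201' is now Reachable. (23ms / 2000ms)
"""

# Assumed line format: "... Registration from '<name> <sip:user@host>' failed for 'ip[:port]' - reason"
FAILED = re.compile(
    r"Registration from '[^<']*<sip:(?P<user>[^@>]+)@[^>]*>' "
    r"failed for '(?P<ip>[^':]+)(?::\d+)?' - (?P<reason>.+)"
)

def summarize(log_text):
    """Count failed registrations and distinct usernames tried, per source IP."""
    stats = defaultdict(lambda: {"failures": 0, "users": set()})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            s = stats[m.group("ip")]
            s["failures"] += 1
            s["users"].add(m.group("user"))
    return stats

def suspicious(stats, max_failures=4, max_users=3):
    """Flag sources by pattern; both thresholds are illustrative assumptions."""
    flagged = {}
    for ip, s in stats.items():
        if len(s["users"]) >= max_users:
            flagged[ip] = "extension scan"
        elif s["failures"] >= max_failures:
            flagged[ip] = "password guessing"
    return flagged

if __name__ == "__main__":
    for ip, why in sorted(suspicious(summarize(SAMPLE_LOG)).items()):
        print(ip, why)
```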
