Sjur Usken

Views on new technologies and business opportunities from Sjur Usken

And the VoIP scannings just keeps on coming

Mark Waters had his Asterisk scanned for extensions without passwords or easy passwords. Mark writes: “I have now set allowguest=no in /etc/asterisk/sip.conf and will monitor how this affects regular incoming calls and also the next ‘attack’”

If he really need his Asterisk available on port 5060, he could use SSH tunneling for the SIP signalling or a port knocking method to open port 5060 from his current IP when needed.

Will check what he does on the next attack.

Have you checked your logs lately?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: