How secure is your Asterisk PBX?

A growing problem Like a slice of Victoria sponge cake on a summers day attracts wasps, so new technologies seem to attract the attention of cyber-criminals. The more widely used the technology, the greater the interest. It was inevitable, and widely predicted, that VoIP would become a favorite target for hackers as its popularity and uptake increased – it has the accessibility of an email server combined with the potential for fraud of an online bank account. Irresistible! And so it has come to be. The level of sophistication and the number of attacks against VoIP servers and PBX’s has gradually escalated over the years and then really taken off in the last 12 months. Automated port scanning and security probing can be seen many times a day, even on ...

Read more »

ZoIPer for iOS

ZoiPer for iOS ZoiPer is an IAX & SIP multilanguage VoIP soft client (softphone) meant to work with any IP-based communication system and infrastructure. Zoiper is available for Windows, Mac OS X and Linux and supports the following languages: English, German, Spanish, French, Dutch, Portuguese, Russian, Chinese, Japanese, Italian, Polish and Magyar. You can download it here General Configuration Start Zoiper Softphone Click on Config icon on the Zoiper screen Click on the " + " icon to add an account Select SIP or IAX account. This guide was made using a SIP account but the settings are similar, notice that the protocol must be the same as the one you set on your voip.ms SIP account Fill...

Read more »

Seven Steps to Better SIP Security with Asterisk

In case any of you were wondering why there has been a fairly notable upswing in the attacks happening on SIP endpoints, the answer is “script kiddies.”  In the last few months, a number of new tools have made it easy for knuckle-draggers to attack and defraud SIP endpoints, Asterisk-based systems included.  There are easily-available tools that scan networks looking for SIP hosts, and then scan hosts looking for valid extensions, and then scan valid extensions looking for passwords.  You can take steps, NOW, to eliminate many of these problems.  I think the community is interested in coming up with an integrated Asterisk-based solution that is much wider in scope for dynamic protection (community-shared blacklists is the current thinking) but that doesn’t mean...

Read more »

Delete an IP Address Listed in IPtables Tables

I am a brand new user of a Linux iptables and I can’t find how to instruct my iptables to delete or unblock an IP address listed in iptables firewall. I’m using Debian Linux version. Can you help please? Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. You can delete one or more rules from the selected chain. There are two versions of this command: the rule can be specified as a number in the chain (starting at 1 for the first rule) or a rule to match. List existing chains Type the following command to list current IPs in tables: iptables -L -n iptables -L -n -v iptables -L chain-name -n -v iptables -L spamips -n -v List existing chains with line number To display line number along with other information, enter:...

Read more »

Install iftop To Display Bandwidth Usage Per interface By Host

I am running Red Hat Enterprise Linux on IBM based system. How do I display bandwidth usage on an interface by host in real time using command line option? How do I monitor bandwidth usage in a real time on RHEL or CentOS Linux based server? How can I install iftop utility on CentOS or RHEL server using the yum command? You can install and use iftop utility on Linux. This command listens to network traffic on a given interface (such as eth0 or eth1), and shows a table of current bandwidth usage by pairs of hosts. iftop must be run with sufficient permissions (usually as root user) to monitor all network traffic on the interface. Install iftop First, turn on EPEL repo on Linux. See how to install and enable epel repo on CentOS...

Read more »

How to verify DDOS attack with netstat command on Linux Terminal

Your server appearing pretty slow could be many things from wrong configs, scripts and dodgy hardware – but sometimes it could be because someone is flooding your server with traffic known as DoS ( Denial of Service ) or DDoS ( Distributed Denial of Service ). Denial-of-service attack (DoS attack) or Distributed Denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. This attack generally target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks are implemented by either forcing the targeted computer to reset, or consuming its resources so that it can no longer provide its services or obstructs the communication media between...

Read more »