Firewalling and Asterisk

Home » Asterisk Users » Firewalling and Asterisk
Asterisk Users No Comments

On Sun, Nov 28, 2010 at 12:24 PM, Steve Edwards
wrote:
> On Sun, 28 Nov 2010, Silver Thorne wrote:
>
>> I have noticed lately that there have been several attempts to hack our
>> Asterisk server.
>>
>> So, I am wondering if anyone has a firewall/IP tables statement that
>> keep out unauthorised users?
>
> 0) Read the list archives, this comes up weekly.
>
> 1) Determine who (in terms of external IP addresses) should be allowed to
> connect to your server.
>
> 2) Create a list of iptables commands to allow those IP addresses.
>
> 3) Deny everybody else.
>
> 4) Use ‘fail2ban’ or something similar to detect abusive addresses and
> block them, if only for an [hour|day|week] or so.
>
> Even if you have ‘mobile’ users who ‘need to connect from everywhere’ you
> can probably define ‘everywhere’ a bit better like ‘not from North Korea’
> or ‘not from Africa’ — with suitable apologies to readers from North
> Korea or Africa.
>
> —
> Thanks in advance,
> ————————————————————————-
> Steve Edwards       href=”mailto:sedwards@sedwards.com”>sedwards@sedwards.com      Voice: +1-760-468-3867 PST
> Newline                                              Fax: +1-760-731-3000
>

I agree with Steve, this is the safest way to tackle it. For the road
warriors that demand an extension, I use SNOM 370VPN if they want to
carry around a real phone or openvpn x-lite on their laptops.

Thanks,
Steve T