Hack

Home » Asterisk Users » Hack
Asterisk Users 4 Comments

–_000_EFCDF2C6785A7B478B3A77A6E7C36369A7A6D3FBmailxaccelnet_
Content-Type: text/plain; charset=”us-ascii”
Content-Transfer-Encoding: quoted-printable

Today I was hacked but caught it very quickly. This is the weird part, they hacked an IP Auth based account by simply knowing the account name.

How is this possible? I am running Asterisk 11.5.0. Now it’s my fault I used a dictionary based account name but how did they bypass the set ip I had under the account for this host.

This also happened with fail2ban running and I pay for Humbug . Nothing caught it. Its just chance that I happen to be in the CLI and noticed it. In a span of 30 minutes they had made over $200 worth of calls all to the same number .

Anyone have any idea on this and any ideas on preventing this.

John Bittner CTO
[cid:image003.png@01CECB8D.765B3840]
380 US Highway 46, Suite 500
Totowa, NJ 07512
Phone: 201.806.2602 x2405
Fax: 201.806.2604
Cell: 973.390.1090
www.xaccel.net

CONFIDENTIALITY NOTICE:
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information which should not be shared or forwarded. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the e-mail.

–_000_EFCDF2C6785A7B478B3A77A6E7C36369A7A6D3FBmailxaccelnet_
Content-Type: text/html; charset=”us-ascii”
Content-Transfer-Encoding: quoted-printable