On Wednesday 10 Jun 2015, Luca Bertoncello wrote:> I'm very sorry to write that, but these answers are really NOT helpful... > I searched two days long how can I check it and didn't found anything > useful... > > Could someone suggest me a way to check if my Asterisk is an "Open > Relay" that accept connections from every peer?Someone on this list is bound to have the wherewithal to be able to do that. All they will need to know is the IP address of your Asterisk server. I suggest that if anyone offers to help you by remotely penetration-testing your system, you post "on-list" that you'll contact them "off-list" to give them the server IP. That way, everyone gets to know that a deal has been established, but only the directly-concerned parties have all the necessary information. -- AJS Note: Originating address only accepts e-mail from list! If replying off- list, change address to asterisk1list at earthshod dot co dot uk .
A J is 100% correct. People hear are very helpful. Though you do not know who is just lurking and can cause some issues for you. I am willing to help, but you may find someone who focuses only on security, and would be a better asset. On 2015-06-10 08:06 AM, A J Stiles wrote:> On Wednesday 10 Jun 2015, Luca Bertoncello wrote: >> I'm very sorry to write that, but these answers are really NOT helpful... >> I searched two days long how can I check it and didn't found anything >> useful... >> >> Could someone suggest me a way to check if my Asterisk is an "Open >> Relay" that accept connections from every peer? > Someone on this list is bound to have the wherewithal to be able to do that. > All they will need to know is the IP address of your Asterisk server. > > I suggest that if anyone offers to help you by remotely penetration-testing > your system, you post "on-list" that you'll contact them "off-list" to give > them the server IP. That way, everyone gets to know that a deal has been > established, but only the directly-concerned parties have all the necessary > information. >
Zitat von Keith Sloan <keiths at vianet.ca>:> A J is 100% correct. People hear are very helpful. Though you do not > know who is just lurking and can cause some issues for you. I am > willing to help, but you may find someone who focuses only on > security, and would be a better asset. > > On 2015-06-10 08:06 AM, A J Stiles wrote: >> On Wednesday 10 Jun 2015, Luca Bertoncello wrote: >>> I'm very sorry to write that, but these answers are really NOT helpful... >>> I searched two days long how can I check it and didn't found anything >>> useful... >>> >>> Could someone suggest me a way to check if my Asterisk is an "Open >>> Relay" that accept connections from every peer? >> Someone on this list is bound to have the wherewithal to be able to do that. >> All they will need to know is the IP address of your Asterisk server. >> >> I suggest that if anyone offers to help you by remotely penetration-testing >> your system, you post "on-list" that you'll contact them "off-list" to give >> them the server IP. That way, everyone gets to know that a deal has been >> established, but only the directly-concerned parties have all the necessary >> information.Well, I'm not sure, that I understood what you and Stiles say... Anyway: if someone in the list can help me in such a penetration test, I'd like to be contacted by him... Thanks Luca Bertoncello (lucabert at lucabert.de)