Dunno if anyone else has seen this yet: http://www.scmagazine.com/us/news/article/563800/vulnerabilities+put+asterisk+telephone+systems+risk/ -- Aaron Daniel Computer Systems Technician Sam Houston State University amdtech@shsu.edu (936) 294-4198
On Thu, 2006-06-15 at 10:16 -0500, Aaron Daniel wrote:> Dunno if anyone else has seen this yet:And that is perhaps why the current version of Asterisk is 1.2.9.1. -- Dave Cotton <dcotton@linuxautrement.com>
What's everyone's take on this flaw? Are we going to start seeing port 4569 scans? FWIW, my IDS has not reported anything out of the ordinary, even on 5060 SIP. -----Original Message----- From: Matt [mailto:mhoppes@gmail.com] Sent: Thursday, June 15, 2006 11:25 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [Asterisk-Users] Anyone see this? And that's why you have IAX firewalls off if you don't need it, right? And if you do, you have it firewalled down to the IPs you are connecting to... sheesh. On 6/15/06, Dave Cotton <dcotton@linuxautrement.com> wrote:> On Thu, 2006-06-15 at 10:16 -0500, Aaron Daniel wrote: > > Dunno if anyone else has seen this yet: > > And that is perhaps why the current version of Asterisk is 1.2.9.1. > > > -- > Dave Cotton <dcotton@linuxautrement.com> > > _______________________________________________ > --Bandwidth and Colocation provided by Easynews.com -- > > Asterisk-Users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >_______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- Asterisk-Users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
asterisk-users-bounces@lists.digium.com wrote:> Dunno if anyone else has seen this yet: >http://www.scmagazine.com/us/news/article/563800/vulnerabilities+put+asteris k+telephone+systems+risk/ we do not run asterisk (or any other critical services including PBXware) as root on the host as normal process. we are using chroot with very limited set of tools and non-root operation. so ... it is much more secure. Senad
On Fri, Jun 16, 2006 at 08:57:02AM +0100, Senad Jordanovic wrote:> asterisk-users-bounces@lists.digium.com wrote: > > Dunno if anyone else has seen this yet: > > > http://www.scmagazine.com/us/news/article/563800/vulnerabilities+put+asteris > k+telephone+systems+risk/ > > we do not run asterisk (or any other critical services including PBXware) as > root on the host as normal process. > we are using chroot with very limited set of tools and non-root operation. > so ... it is much more secure.Well, that protects the rest of the system from a potential problem with Asterisk. But not the rest of the network. Not to mention that it does not protect the PBX itself. A good practice, nontheless. -- Tzafrir Cohen sip:tzafrir@local.xorcom.com icq#16849755 iax:tzafrir@local.xorcom.com +972-50-7952406 tzafrir.cohen@xorcom.com http://www.xorcom.com
asterisk-users-bounces@lists.digium.com wrote:> On Fri, Jun 16, 2006 at 08:57:02AM +0100, Senad Jordanovic wrote: >> asterisk-users-bounces@lists.digium.com wrote: >>> Dunno if anyone else has seen this yet: >>> >>http://www.scmagazine.com/us/news/article/563800/vulnerabilities+put+asteris>> k+telephone+systems+risk/ >> >> we do not run asterisk (or any other critical services including >> PBXware) as root on the host as normal process. >> we are using chroot with very limited set of tools and non-root >> operation. so ... it is much more secure. > > Well, that protects the rest of the system from a potential problem > with Asterisk. But not the rest of the network. Not to mention that > it does not protect the PBX itself. > > A good practice, nontheless.of course, but other than that one cannot do much more without going into IDS services.