Skip to main content

Additional Security from Fraud

Posted by caw on Tue, 09/07/2010

What is everyone using to help protect themselves against call fraud? Is there any product that works better in the Thirdlane environment than another?


Submitted by eeman on Tue, 09/07/2010 Permalink

always set allowguest=no in the general section of your sip.conf to avoid unauthenticated calls.

always use good alphanumeric passwords for your sip services.

make sure your version of asterisk has been patched against the advisory last year (roughly around 1.4.24 and parallel 1.6 builds) so that they cannot learn from a failed login what valid and invalid extensions exist.

Fail2Ban is a very useful tool but if you do not learn how to use it, and how to consider it in your daily trouble shooting process, you can find yourself completely at a loss as to why a legitimate customer cannot register his device to your PBX. Fail2Ban scans logs for repeated login failure attempts and imposes a temporary ban of that IP. Some customer trying to set up their own device (phone or ata or softphone) can set a field incorrectly and in a matter of a minute exhaust the attempts that trigger a ban. Knowing to check the ban list is part of this learning process.