I have been facing hacking issue on my LD PSTN can anyone help me what should I do with configuration
- deny=0.0.0.0/0.0.0.0
permit=192.168.1.0/255.255.255.0 ( where I need to do this code in extension.conf or sip.conf)
- Do I need to change default port 5060 to new port and I think this need to be in sip.conf
deny, permit, and port all go in sip.conf.
Personally, I prefer to do access control with iptables. It just seems ‘better’ to stop them at the front door.
If you only accept SIP from a known list, a white list – oops accept list followed by a blanket deny should be effective.
If your environment is too dynamic for an accept list, you can use a tool like fail2ban with good results.
I’ve never bothered with changing the port number, but it will eliminate a certain class of hacker.
system
Closed
3
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.