Hi,
I have my asterisk based switch on Amazon and I can’t allow dynamic DNS addresses. I was thinking instead of opening port 5060 and 1000-65000 open for everyone and then authenticating customers using either IP or username and password in A2billing. Would that be ok? or I am just leaving myself fully open to being attacked?
Thanks
If you’re opening a port to the Internet, you’re going to suffer probing.
If you know from where your clients will come, you can lock it down to only allow only them. You can do that at the firewall (iptables) level or at the Asterisk (ACL) level.
If you don’t know from where they’ll come, then people use tools like http://www.fail2ban.org/wiki/index.php/Main_Page