Sip show channels

Asterisk Asterisk Support
1

Hi,

here and there I read sip show channels displays ongoing calls on my asterisk system. So I tried it and see this:

Peer             User/ANR         Call ID          Format           Hold     Last Message    Expiry     Peer      
217.10.79.9      **********        4b46347f5c19016  0x0 (nothing)    No                                  <guest>   
217.10.79.9      **********        07c9493462243a5  0x0 (nothing)    No                                  <guest>   
217.10.79.9      **********        57dffc0f7b77d12  0x0 (nothing)    No                                  <guest>   
3 active SIP dialogs

The IP 217.10.79.9 belongs to sipgate (my SIP provider). I was wondering if this is normal!? According to this there are 3 ongoing calls going through my system BUT I know there are none - at least not from any of my phones.

Currently I am very concerned about the security of my system. A friend of mine found his system hacked. His provider stopped the thing at approx. 1000$ on the bill.

cheers
mathiase

2

I suggest that you do some simple things to help secure your system.

  1. Make sure that MySQL is disabled for all connections but local connections (If using Astersik Realtime)
  2. If you’re going to run SIP phones over the internet use a STRONG password, I’m talking about one you have to copy and pasted, becuase it’s soooo long and crazy. For example, I set passwords by random button mashing.(so I end up with passwords like ###%GWG$%Yrfwt45WGwet32^^*fgfdsgsg$56$#%^4365 ) Yes it’s annoying if you have to input it manually, but it’s less annoying than giving 1000$ to some sons-of-bitches that rip you off.
  3. Change your default passwords. THIS IS A BIGGIE. A lot of people just run an base asterisk install. They have the original passwords for everything from FreePBX down to the MySQL server. CHANGE THE DEFAULT PASSWORDS. CHANGE THEM NOW.

If you’re not on calls, you shouldn’t have open channels.