VOIP Keeps Getting Hacked


#1

Hello,

I have been a user of Asterisk and FreePBX for years. It wasn’t until just this year that all of a sudden my VOIP server keeps getting hacked. I have setup TOP security on my server, installed CSF/LFD firewall, fully and carefully configured everything, set secure passwords, changed port #'s and the whole nine yards. Everything was fine for several months and now all of a sudden someone has hacked my VOIP box again for like the 6th time in the last couple months.

My questions are:

Why are they continuously targeting me?

What can I do to prevent them from hacking my VOIP server?

Is there some sort of security that I can setup on the box to prevent these hacks? I mean, I don’t know what else to do.

Is there a ‘Secure’ VOIP server out there or an image or something that comes with the security and stuff already configured?

I have tried Trixbox, PBX in a Flash, and just Raw Asterisk with FreePBX. No matter what server I use and how it’s configured, they still hack it.

Any suggestions that I can do to prevent these hacks into my box?

Thank you,
Larry


#2

Hello Larry,

If You had strong passwords and IDS (fail2ban or LFD) installed on Your system, then only thing I can suppose that your web is opened for everyone. If it’s so, your system is weak against attacked on web panel.

What I can suggest ,is to close access to your web panel or use ssh tunnel to access it.

You can consult also - nerdvittles.com/?p=737

Hope it will help,
Good luck.
Jox.