Jump to content

SIP Security


andrewgroup
 Share

Recommended Posts

Today we had a client PBX with park orbits and low or easy SIP passwords get remote registrations from a Canadian IP address and the clients PBX was making outbound BANK CARD scam calls.... Caught it early but the lessons are clear and a few best practices are coming from the experience and perhaps a feature request...

 

Lesson 1. Complex Passwords are a must - No longer can we make it easy for the users

Lesson 2. Park Orbits will not enherit a default dial plan

Lesson 3. enable more logging an email notifications on extensions

 

Possible Feature requests - (optional allowable IP Address ranges on an ext Basis for phones to register from.

 

Cheers, and learn from the experienced.

Link to comment
Share on other sites

Today we had a client PBX with park orbits and low or easy SIP passwords get remote registrations from a Canadian IP address and the clients PBX was making outbound BANK CARD scam calls.... Caught it early but the lessons are clear and a few best practices are coming from the experience and perhaps a feature request...

 

Lesson 1. Complex Passwords are a must - No longer can we make it easy for the users

Lesson 2. Park Orbits will not enherit a default dial plan

Lesson 3. enable more logging an email notifications on extensions

 

Possible Feature requests - (optional allowable IP Address ranges on an ext Basis for phones to register from.

 

Cheers, and learn from the experienced.

 

Totally agree.

 

We introduced the script that checks password for their "randomness". Unfortunately, due to a request from the sales front, we were asked to disable it in the default installation, so that a password like "secret" is accepted as a password (like "", the empty string).

Link to comment
Share on other sites

  • 4 weeks later...

Yea i had this happed here in utah also customer created some extensions with blank passwords. fortunalty our sip switch sets budgets for each domain so they were cut off fairly fast.

 

 

i have however seen pbxnsip defend itself from constant registration attempts..

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...