Hello All,
In the last months I saw different abuses of Asterisk based PBXes. All of my PBXes are secured by some good firewall but I have got the experience that when u shutdown the firewall and letting a PBX like Trixbox for some time directly connected with Internet, It will be abused within a short time.
Abusers can login on some arbitrary extension within a short time and use the calling routes for this extension. It doesn't matter what is the username or how long and how strong the password is, they will login and start calling to expensive numbers in Africa.
Can somebody tell me how they can do this? Can they login without any password?
It doesn't matter witch system, the abuse will happening by Trixbox, FreePBX, 4psa with kamilio SIP server and lot of other.
Most important for this is how can we stop this kind of abuse.
Thanks for each reply!
Member Since:
2010-12-11