When friendly-scanner gets aggressive

Not so friendly after all In my October 2010 articles about Asterisk IP-PBX security (linked here), I described how port scanning probes from the so-called “friendly-scanner” could be seen several times a day on a typical SIP server exposed to the Internet. Since then, I – or at least one of my clients – had the displeasure … Read more


How secure is your Asterisk PBX? – part 3

Getting more advanced In part 2, we looked at several ways in which an Asterisk system administrator can help to make their system more secure, with special emphasis on avoidance of toll fraud. In this, the third and final article in the series, I will pick up on a topic that was left unfinished at the … Read more


How secure is your Asterisk PBX? – part 2

Protecting your Asterisk server In part 1, we examined the techniques that are used to probe for vulnerabilities in a SIP server and reviewed the types of exploitation a would-be hacker hopes to use. In this second part, I look at the ways you can protect your Asterisk or other SIP server and guard against weaknesses … Read more


How secure is your Asterisk PBX? – part 1

A growing problem Like a slice of Victoria sponge cake on a summers day attracts wasps, so new technologies seem to attract the attention of cyber-criminals. The more widely used the technology, the greater the interest. It was inevitable, and widely predicted, that VoIP would become a favorite target for hackers as its popularity and uptake increased … Read more