Skip to main content

Tags asterisk

OSSEC v1.5 now has builtin Asterisk rules

Published on May 2, 2008 in ,

A new OSSEC version has been released. Along with a number of updates, OSSEC now includes the Asterisk rules that were first published in my hakin9 article and then here. The rest of the updates are described in the Changelog. Grab it now.…

Read more »

Using OSSEC to detect attacks on an Asterisk box

Published on Mar 15, 2008 in , ,

This post is an echo on the previous post which describes how to configure snort to detect SIP attacks. This time we look at detecting attacks at the PBX’s end rather than by monitoring network traffic. OSSEC allows us to do just this - it is a host intrusion detection system that can do matching on log files and actively react to attack. By default OSSEC does not have support for Asterisk.…

Read more »

SIP, TLS and Asterisk 1.6

Published on Feb 8, 2008 in ,

Until a few weeks ago, to enable TLS support in Asterisk you had to apply patches to the source code. As of version 1.6, Asterisk will have native TLS support for SIP transport, making it one of the few IP PBX systems out there that support this security feature. Too many experts suggest encryption as a solution to the VoIP confidentiality issues, but in reality the number of PBX and IP phones that support is still very low and many times it is not a viable solution.…

Read more »

Subscribe

Receive high-quality, low-volume RTC security research, news and occasional updates about what we're up to.

Interested in working with us? Get in touch

We hate spam and hard-selling and are committed to protecting and respecting your privacy. You can unsubscribe from these communications at any time. By subscribing, you are agreeing to the Terms and Conditions. this site uses reCAPTCHA, the Google Privacy Policy and Terms of Service apply.