Thursday, December 10, 2009

Getting phone calls during the middle of the night on your Asterisk server?

You're not alone. People with malicious intentions are scanning for open SIP servers all the time. Aster1sk from Geekhut.org posted a useful video for those of you using a badly configured FreePBX + Asterisk. I'm sure this will be useful for someone.


Friday, July 17, 2009

Scan your public facing PBX with VOIPSCANNER.com

Announcing VOIPSCANNER.com, the SaaS Voice over IP Security scanner. If you're already familiar with SIPVicious, then you can guess what this tool does. This online tool makes it easier than ever to check if the Asterisk box you just installed, or most other SIP PBX servers, is misconfigured and contains weak credentials. Attackers on the 'net are already doing this for their own benefit; don't wait until they hit your PBX!

Using this tool consists of the following steps:
  1. Register an account and buy credit (or use the time-limited promo SIPV to get some for free)
  2. Enter the IP address of your PBX server and scan away
  3. Receive a report by email that shows the findings

How does it work really?
VoIPScanner.com is making use of the next generation of SIPVicious (2.0) in the background and right now it does the following automatically:
  1. Checks if an IP PBX is listening on the given address
  2. Does extension enumeration, just like svwar in SIPVicious
  3. For each extension found, starts a password cracking attack
  4. Generates a PDF report such as this one
For any feedback or affiliate requests, contact me.
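
An added example, not part of the original post and not code from VoIPScanner or SIPVicious: a local audit of a chan_sip `sip.conf` for the two conditions the scan steps above depend on, enumerable extensions and guessable secrets. The sample config, the `min_len` threshold and the function names are constructed for illustration; `alwaysauthreject`, `allowguest` and `secret` are chan_sip options.

```python
import re

# Constructed sample in chan_sip's sip.conf syntax; not from a real system.
SAMPLE = """\
[general]
alwaysauthreject=no   ; unknown and known extensions get different replies
allowguest=yes
[100]
type=friend
secret=100
[101]
type=friend
secret=1234
[102]
type=friend
secret=kV9#tq2LmZx81b
"""

def parse_sip_conf(text):
    """Return {section: {key: value}}; ';' starts a comment."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        header = re.match(r"\[([^\]]+)\]", line)
        if header:
            current = sections.setdefault(header.group(1), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.lstrip(">").strip()
    return sections

def audit(text, min_len=12):
    """Return (section, finding) pairs; min_len is this example's own threshold."""
    conf, findings = parse_sip_conf(text), []
    general = conf.get("general", {})
    # Defaults differ between Asterisk versions, so require explicit values.
    if general.get("alwaysauthreject") != "yes":
        findings.append(("general", "extension enumeration possible"))
    if general.get("allowguest") != "no":
        findings.append(("general", "unauthenticated guest calls allowed"))
    for name, opts in conf.items():
        if opts.get("type") not in ("friend", "peer", "user"):
            continue
        secret = opts.get("secret", "")
        if secret == name:
            findings.append((name, "secret equals extension"))
        elif secret.isdigit() or len(secret) < min_len:
            findings.append((name, "missing, short or numeric secret"))
    return findings
```

Calling `audit(SAMPLE)` flags both `[general]` settings plus extensions 100 and 101, and leaves 102 alone.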


Wednesday, February 18, 2009

How to identify Asterisk servers and upload MOSDEF on AsteriskNOW

I originally posted this on EnableSecurity's blog, but am cross-posting it here since not everyone is subscribed.


IAX2Scan and AsteriskNOW_Exec - security testing for Asterisk from Sandro Gauci on Vimeo.
