- Identify vulnerabilities of the United Nations Asterisk Server
configured as usual. - Configure Asterisk to provide Security Solutions v. - Optimize Security Between Calls paragraph prevent intruders access Enjoy access. - How to use TSL protocols to avoid eavesdroppers Between branches. Theoretical framework 1. Asterisk Asterisk is a complete PBX in software. It runs on Linux, BSD, Windows and OS X and provides all the features you would expect from a PBX and more. You can interoperate with almost all telephony equipment based on standards using relatively inexpensive hardware. Asterisk provides Voicemail services with Directory, conferencing, IVR, call waiting. It has support for three-way calling, caller ID, ADSI, IAX, SIP, H323 (as both client and gateway), MGCP and SCCP / Skinny. Asterisk needs no additional hardware for Voice over IP. One or more VOIP providers can be used for outgoing and / or incoming calls (outgoing and incoming calls can be handled through different VOIP and / or telecommunications providers) For interconnection with digital and analog telephony equipment, Asterisk supports a number of hardware devices, most notably all of the hardware manufactured by Asterisk's sponsors, Digium. Digium has T1 and E1 plates 1, 2 and 4 ports for interconnection to PRI lines and channel banks. In addition, analog cards FXO and / or FXS ports 1 to 4 are available and are very popular for small installations. Cards from other vendors can be used for BRI or compatible cards four eight BRI ports based on CAPI compatible cards or HFC chipset cards. Lately, separate devices are available to carry out a wide range of tasks including providing FXO and FXS ports that simply plug into the LAN and are registered in the Asterisk as available devices. 2. Safety Asterisk The most common form of attack that is showing towards IP telephony solutions based on Asterisk is to seek SIP servers, which are exposed to the Internet, even NATed firewalls. It is SIP attacks, intrusions are not, or are exploiting vulnerabilities can be repaired with a patch, they are basically oversights in configuration to the Internet. The attackers made attempts through techniques of "brute force", trying different numbers of attachments, such as the typical 100, 101, 1000, 2001, etc. and conduct tests with many passwords. Very often we use the same password for all annexes and usually with very little imagination, just numbers and combinations such as 1234, 7777, 0000, etc.