Comments on: Asterisk and SIP Security Redux

By: jtodd

jtodd — Mon, 30 Nov 2009 18:10:41 +0000

Matt – You can find a replay here (http://www.youtube.com/watch?v=d3h0QxIzkCc) on YouTube.

By: Matt

Matt — Sat, 28 Nov 2009 01:10:20 +0000

I cant believe I missed the webinar…

By: jtodd

jtodd — Sat, 07 Nov 2009 00:53:27 +0000

Digium has invited representatives from the FBI (Special Agent Michael McAndrews) and the VoIP Security Alliance (Dan York) to discuss general VoIP security, followed by some Digium folks (Jared Smith, Tristan Barnum) who will talk about specific Asterisk and Switchvox security hints and methods. Sign up for the webinar, which will be given on November 13th at 10:30 – 11:30 Central time, and get notices here: https://www1.gotomeeting.com/register/828991377

By: Philippe Lindheimer

Philippe Lindheimer — Thu, 29 Oct 2009 20:27:50 +0000

John writes:

“We’d encourage any other re-packagers or users of Asterisk to implement a similar UI hint that forces good password behavior by users and local admins.”

We could not agree more. FreePBX also discourages weak passwords and also has a module that will audit your system for SIP and IAX passwords and warn you where there are weaknesses, in case they were configured many moons ago when we were not monitoring this, or where your SIP provider may have provided you with weak passwords since it will pick these up also.