Major security breach/bug!?
I installed version 4 a few weeks ago on a ec2 instance. I connected it to a trunk and did some testing. Since then the instance has been suspended.
I was checking my trunk credits and I realize that the trunk has been subjected for a lot of fraud attempts during the night, approx 500 calls.
The fraud attempts does not come from the GOautodial server itself, all calls is directly connected to the trunk with the correct credentials.
The only possible way I can see is that someone has gathered the trunk information from my GOautodial install in some way.
The reply I got from the trunk provided pointed towards the same thing, I have attached the screenshot of the reply I received from my trunk provider.
Please look in the issue and update on the same.
Please don't double post! https://goautodial.org/boards/3/topics/18426.
RE: Major security breach/bug!? - Added by Enzo Zazzaro about 2 months ago
the problem is you firewall. dont open 5060/5061 at web. newer! you install firewall or firewall script
- allowed ip file location
- Specify where IP Tables is located #
- Save current iptables running configuration in case we want to revert back
- To restore using our example we would run "/sbin/iptables-restore < /usr/src/iptables.last" #
- Clear current rules
##If current INPUT policy is set to DROP we will be locked out once we flush the rules
- so we must first ensure it is set to ACCEPT.
$IPTABLES -P INPUT ACCEPT
echo 'Setting default INPUT policy to ACCEPT'
echo 'Clearing Tables F'
echo 'Clearing Tables X'
echo 'Clearing Tables Z'
echo 'Allowing Localhost'
$IPTABLES -A INPUT -s 127.0.0.1 -j ACCEPT #
- Whitelist #
echo "Permitting $x..."
$IPTABLES -A INPUT -s $x -j ACCEPT
- block all other traffice
- Save the rules so they are persistent on reboot.
service iptables save
and in /usr/src/firewall/whitelist.txt any ip for accept.
and in rc.local insert this script.