Shouldn't this warning be removed from the Interface

image

Shouldn’t this just say what port you are running on and get rid of the language about it being a NON STANDARD port - From experience and constant nagging from Dicko, I no longer run any of my Asterisk machines on 5060/5160 - It eliminates SO much hacking it’s not even funny.

Wouldn’t it be better to say “Good Job” for not using the standard port?

3 Likes

Further, the standard port for ssh is 22, the standard port for AMI is 5038, are these things also needing a caution if open changed or limited ? :wink:

Agreed - It’s a little thing, but still - keeping these boxes un-hacked can be challenging!

Not a little thing at all, 99.99+% of all attacks come on udp:5000-5999, that is just a reality :slight_smile:

Further they only ever come to your IP address , never your domain.name, again, if anyone can show me any exception, I would be more than interested as it would likely be an ''inside job" or one very clever black-hat :wink:

Any such prophylaxes are trivial (as previously documented)

1 Like

No one attacks the chargen service.

FreePBX should default to using port 19.

(You heard it here first… and probably last.)

3 Likes

Funny as that is, practically how would asterisk as an unprivileged user be able to bind to a port < 1024 without some sort of escalation ? Probably 1547 is traffic free though as are 48620–49150 still ‘unassigned’, 62000 to 63999 are my choice , ephemeral , private and unassigned and a netfilter port scan rule would long ago catch that dude.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.