CheckSecurity

As usual, anyone with an Asterisk-based PBX connected to the Internet should take precautions. There are some serious attacks around which exploit configuration problems on Asterisk systems. This may happen through a lack of experience or even by a bug in the software itself.

Our webpage only checks to see if your system allows access from the internet to make calls without authentication. It is NOT a general safety test, and does not certify anything. It simply tests if it is possible to make unauthorised calls through your system.

To use this tool, complete the form below to test if your PBX allows a call to the phone number you have entered. If you receive a call then your system is vulnerable. You need to modify your Asterisk setup or you could lose money when someone exploits this weakness.

Please use this tool only with your own system. Do not test Asterisk servers that are not you do not own.

This tool tries to make an anonymous call by sending SIP packet INVITES witout autentication.

Attackers typically use SIP common passwords widely used or force bruted generated passwords for account authentication.

Important Note: We do not store any values you have entered. We only store the number of servers that have been tested.

For inquiries, please contact us.