Password brute-force¶

Attacker uses application, which traverses all possible or popular words which could be used as a password, as soon as valid password would be found.
Weak passwords are prone to this attack.
Following services are prone to this type of attack:

SSH console. After password has been guessed attacker could perform whenever actions he wants with the server - perform parallel VoIP proxy attack, add new SIP account and terminate huge amount of calls, steal your confidential data, etc.
web-interface. After password has been guessed, attacker could add new VoIP account and terminate huge amount of calls or steal your confidential data.
SIP. In case if you have configured peers with dynamic IP address in SIP parameters, after password has been guessed, could terminate huge amount of calls.

To protect from this attack following means are used:

Fail2Ban application
Limited SSH access
Password strength check system
Balance cutoff
Origination control
Encrypted passwords

Русский перевод