Hi guys, i've seen this too, nagios woke me up because it was an extremely high volume of tries.
I took a peek into the logs and saw that the attacker's script was trying extensions from 1 to 9999 and then random names. I can see the log in the messages file that several attempts failed because there was no such extension. I see no log entries for extensions that actually exist. My passwords are okay, so i'm not worried, i'm jusy courious, why can't i see a log message for the matching peer extensions with a 'bad password' (or similar) message? thanks adam -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users