On Wed, Mar 30, 2011 at 9:38 AM, vip killa <vipki...@gmail.com> wrote: > so does anyone use fail2ban w/ asterisk or most people use sshguard?
Vip, the overall message is that it takes layers of settings/configurations to "secure" an installation. Simple Guide 1. alwaysauthreject = yes in http://svn.asterisk.org/svn/asterisk/trunk/configs/sip.conf.sample 2. Static firewall rules 2.1 Drop invalid traffic 2.2 Slow ICMP and TCP Reset attacks 2.3 Disable unneeded services 3. Dynamic firewall rules 3.1 Fail2ban (works ok, but you should test it) 3.2 Portscanning Block (http://www.newartisans.com/2007/09/neat-tricks-with-iptables.html) 3.3 Other solutions 3.4 Bad Network Lists (http://www.spamhaus.org/drop/) 4. Auditing. None of the above will work if not audited or reviewed on a regular basis. 5. Reporting. With Monthly reporting you can see trends and make good choices. -- ~~~ Andrew "lathama" Latham lath...@gmail.com ~~~ -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
