Jeroen Eeuwes писал 29.12.2011 07:29:
> Probably my understanding is limited, but it seems to me that they > have already 'access' to your Asterisk for them to be able to try to > make outgoing calls. Wouldn't it be better to make sure they get the > "usual" errors like "Registration from failed - no matching peer > found"? > > In other words, how did they get this far in the first place? > > Best regards, > Jeroen Eeuwes Agreed. If you didn't get the "Failed to authenticate on INVITE" (or whatever error should Asterisk log for not authenticated user trying to place a call, I might be wrong here) - your problem is way more serious. As I can advice you from my wast (despite not always successfull) intruders fighting experience - banning by useragent can help. I always dreamed of Asterisk to implement that, but until then - if all your users are like "Linksys blablabla" or "eyeBeam blablabla" and you see any other agent on the Asterisk log - just ban it. Ofcourse, there are 2 limitations: 1) If he doesnt register, Asterisk wont show his useragent in log. And as for yor issue - neither will it show IP. I think we might ask devs to correct that some day 2) if you dont have some standard for user sip devices and they use whatever they want to, it wont help either -- With Best Regards Mikhail Lischuk ITX Ukraine
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users