If you're using a redhat based distro, have you checked SELinux? Try
disabling (will require a server reboot)
Regards
Ish
On 3 September 2014 20:41, Steve Edwards asterisk@sedwards.com wrote:
For future reference, a well chosen subject will yield more relevant
replies.
Better bait ==
hi,
any plans update patch for 11.12.0?
|https://github.com/meetecho/asterisk-opus
https://github.com/netaskd/asterisk-opus/
|
patching file build_tools/menuselect-deps.in
patching file channels/chan_sip.c
Hunk #1 succeeded at 7659 (offset -98 lines).
Hunk #2 succeeded at 11011 (offset -34
Hi All,
I see this kind of attack on our Asterisk Server, do you know how to block
that IP?
[Sep 4 07:41:06] NOTICE[7375]: chan_sip.c:23375 handle_request_invite:
Call from '' (213.136.81.166:9306) to extension '34422' rejected because
extension not found in context 'default'.
Thanks in
On 04-09-14 16:44, motty cruz wrote:
Hi All,
I see this kind of attack on our Asterisk Server, do you know how to
block that IP?
[Sep 4 07:41:06] NOTICE[7375]: chan_sip.c:23375 handle_request_invite:
Call from '' (213.136.81.166:9306 http://213.136.81.166:9306) to
extension '34422' rejected
Am 04.09.2014 16:44, schrieb motty cruz:
Hi All,
I see this kind of attack on our Asterisk Server, do you know how to
block that IP?
[Sep 4 07:41:06] NOTICE[7375]: chan_sip.c:23375
handle_request_invite: Call from '' (213.136.81.166:9306
http://213.136.81.166:9306) to extension '34422'
Thanks, looks like fail2ban is the way to go, I would prefer a different
alternatives if there is one. I tried deny=IP/netmask but did not work for
me, in sip.conf. seems like fail2ban is what you all are using, so I will
give it a try.
Thanks,
On Thu, Sep 4, 2014 at 7:58 AM, Thorsten Göllner
solved, permissions problem. Asterisks run with user asterisk at default, I
changed to asteriskpbx as the book says ;)
_
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Anthony
Azzopardi
Sent: 03 September 2014 20:57
To:
On Thursday 04 Sep 2014, motty cruz wrote:
Hi All,
I see this kind of attack on our Asterisk Server, do you know how to block
that IP?
Instead of blocking unwanted IPs, you should be permitting only wanted IPs.
--
AJS
Note: Originating address only accepts e-mail from list! If replying
Hi A J,
believe me, I wish i do as you suggested, however I have a few extensions
outside the office with dynamic IPs, so that is not a possibility. Thanks
for your suggestions, I will try fail2ban. I don't know how complicated is
to implement that on production server.
Thanks,
-Motty
On Thu,
dont forgot to put your trusted IPs into ignoreip list while configuring
fail2ban
its very important when a customer (may be 100+ extns) are behind NAT and only
present single public IP
RgdsHash
Date: Thu, 4 Sep 2014 08:42:11 -0700
From: motty.c...@gmail.com
To: asterisk-users@lists.digium.com
If we don't need to allow access from outside the USA we block access from all
non-ARIN IP addresses by using iptables. This takes care of at least 80% of
attacks.
I enabled guest access and pointed all guest calls to an IVR which auto
disconnects the call after a while (2 min seems good) if
I was able to get a packet trace of this event
Time
312.353549 - INVITE to primary
313.222303 - INVITE to primary ( suspected resend of frame )
314.289215 - INVITE to backup
315.397120 - INVITE to backup ( suspected resend of frame )
So is primary just too slow to answer ? I am not seeing
You can also take a look at SecAst (www.generationd.com).The free version
is a drop-in replacement for fail2ban but also add a lot more intelligence (and
no need to update regex's etc). There's also geographic IP fencing so you can
block attacks by country / region / city etc., only allow
Please don't top post.
On Thu, 4 Sep 2014, motty cruz wrote:
Hi A J, believe me, I wish i do as you suggested, however I have a few
extensions outside the office with dynamic IPs, so that is not a
possibility.
Do your few extensions travel to China, Russia, Iran, Iraq, North Korea,
etc?
On Thursday 04 Sep 2014, motty cruz wrote:
Hi A J,
believe me, I wish i do as you suggested, however I have a few extensions
outside the office with dynamic IPs, so that is not a possibility.
If you know what ISPs they are using, then you can allow just those ISPs'
address ranges. That will
On 4/9/14 4:58 pm, Eric Wieling wrote:
If we don't need to allow access from outside the USA we block access from all
non-ARIN IP addresses by using iptables. This takes care of at least 80% of
attacks.
Likewise here (though RIPE rather than ARIN, since we're the other side
of the pond).
Thank you all for your support, your suggestions are welcome.
Thanks,
On Thu, Sep 4, 2014 at 9:26 AM, Chris Bagnall aster...@lists.minotaur.cc
wrote:
On 4/9/14 4:58 pm, Eric Wieling wrote:
If we don't need to allow access from outside the USA we block access
from all non-ARIN IP addresses
We are currently migrating from a Nortel pbx to Asterisk and we
have been able to convert most of the functions that people are used to
but there is one I have no clear idea how to do. The scenario is:
Boss calls secretary from outside the office to get connected to
another outside
Why can't you continue within the extension and dispatch whether the call failed or terminated?
Simply make a second call.
jg
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us
asterisk-users-boun...@lists.digium.com wrote on 09/04/2014 11:57:40 AM:
We are currently migrating from a Nortel pbx to Asterisk and we
have been able to convert most of the functions that people are used to
but there is one I have no clear idea how to do. The scenario is:
Boss
Sounds like you are running FreePBX.
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Mitul Limbani
Sent: Thursday, September 04, 2014 6:34 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users]
Kevin,
With your dialplan with g option on external trunk, if the call finishes
the boss's leg of call also gets disconnected. So the next instruction
would make a call to secratary, however with no one on other end.
Mitul
On 04-Sep-2014 11:44 PM, Kevin Larsen kevin.lar...@pioneerballoon.com
Join a worldwide community of designers, developers, and communications
technologists to to create, code, and design apps built on Asterisk and
other communications APIs at the inaugural AstriCon Hackathon!
Obligatory yet useful information:
*When*: Wednesday, October 22nd at 8AM. A reception is
23 matches
Mail list logo