On 11/10/13 18:43, Tiago Geada wrote:
Hi,
Seems a great workaround from Gareth Blades. Thanks I will try it.
Any way to make asterisk log a line in /var/log/messages ?
I normally have all the verbose output sent to the log file so anything
in the NoOp() line gets logged to the file so thats
*To:* Asterisk Users List
*Subject:* Re: [asterisk-users] Failed to authenticate user
1000sip:1000@MY_OWN_IP_ADDRESS; tag=03f82bb9
Hi,
Bad boys trying to guess a valid username.
in sip.conf uncomment alwaysauthreject=yes and Asterisk always reject 1st
invite.
On Tue, Oct 1, 2013 at 5:26 PM
Of Asghar Mohammad
[asghar...@gmail.com]
Sent: Tuesday, October 01, 2013 11:53 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Failed to authenticate user
1000sip:1000@MY_OWN_IP_ADDRESS; tag=03f82bb9
Hi,
Bad boys trying to guess a valid username.
in sip.conf uncomment alwaysauthreject
Hi Garet,
ok but since the messages contain my own public IP with this method I'm
banning my public IP not the real attacker IP. Am I wrong?
Giorgio
On 10/01/2013 05:26 PM, Gareth Blades wrote:
On 01/10/13 15:44, gincantalupo wrote:
On Tue, Oct 1, 2013 at 5:07 AM, gincantalupo
Hi Asghar,
surely this can improve security but what I'm looking for is something
to find the real attacker IP address and ban it. Fail2ban bans my own
public ip address.
Thank you
Giorgio
On 10/01/2013 05:53 PM, Asghar Mohammad wrote:
Hi,
Bad boys trying to guess a valid username.
in
On 02/10/13 16:13, gincantalupo wrote:
Hi Garet,
ok but since the messages contain my own public IP with this method
I'm banning my public IP not the real attacker IP. Am I wrong?
Giorgio
No the asterisk dialplan entry is pulling the IP address out of the SIP
Contact: header which in the
Hi,
I get a lot of these messages on my Asterisk CLI:
Failed to authenticate user 1000sip:1000@MY_OWN_IP_ADDRESS;tag=03f82bb9
as if my PBX machine is trying to authenticate to itself. It seems
someone is attacking my asterisk PBX.
Is there a way to fix this problem?
Thank you.
Giorgio
Well, you could use some software like denyhosts or fail2ban to block an IP
after a predefined number of (failed) authentication attempts.
Regards,
Ricardo
On Tue, Oct 1, 2013 at 5:07 AM, gincantalupo
gincantal...@fgasoftware.comwrote:
Hi,
I get a lot of these messages on my Asterisk CLI:
Hi Ricardo,
we are already using fail2ban but it bans my own ip address not the real
original ip of the attacker. How can I find it?
Thank you
Giorgio
On 10/01/2013 02:16 PM, Ricardo Saffi Marques wrote:
Well, you could use some software like denyhosts or fail2ban to block
an IP after a
On 01/10/13 15:44, gincantalupo wrote:
On Tue, Oct 1, 2013 at 5:07 AM, gincantalupo
gincantal...@fgasoftware.com mailto:gincantal...@fgasoftware.com
wrote:
Hi,
I get a lot of these messages on my Asterisk CLI:
Failed to authenticate user
Hi,
Bad boys trying to guess a valid username.
in sip.conf uncomment alwaysauthreject=yes and Asterisk always reject 1st
invite.
On Tue, Oct 1, 2013 at 5:26 PM, Gareth Blades
mailinglist+aster...@dns99.co.uk wrote:
On 01/10/13 15:44, gincantalupo wrote:
On Tue, Oct 1, 2013 at 5:07 AM,
11 matches
Mail list logo
