>> I'd suggest to everyone to ban that IP, it's been scanning our networks >> from time to time, in a sequential manner by IP. > > I've had really good luck with this: > > http://www.voip-info.org/wiki/view/Fail2Ban+(with+iptables)+And+Asterisk > > Basically, it automatically blackhols via IPtables any host that fails a > certain number of registration attempts in a given period.
Yeah we're actually rolling it out on all of our production servers, it's a great application to run. I'm working on some scripts to propagate the bans to the firewall so that all of the servers get protected as soon as possible. > [default] > ; Send any unauthenticated calls to the local FBI office > context=local-fbi-office > > I've got a honeypot server that pretty much accepts any calls that come > through, and plays a "Thank you for calling the Telecommunications Fraud > hotline. Please stay online for the next available representative." If they > stay online for more than 20 seconds, it connects them to an agent at the > FBI that we have been working with. > > I've been meaning to add some code in that pulls out the originating IP > address of the call and tells it to the agent when we call. :) That would be great to have! _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
