Hi Asghar,
surely this can improve security but what I'm looking for is something
to find the real attacker IP address and ban it. Fail2ban bans my own
public ip address.
Thank you
Giorgio
On 10/01/2013 05:53 PM, Asghar Mohammad wrote:
Hi,
Bad boys trying to guess a valid username.
in sip.conf uncomment alwaysauthreject=yes and Asterisk always reject
1st invite.
On Tue, Oct 1, 2013 at 5:26 PM, Gareth Blades
<mailinglist+aster...@dns99.co.uk
<mailto:mailinglist+aster...@dns99.co.uk>> wrote:
On 01/10/13 15:44, gincantalupo wrote:
On Tue, Oct 1, 2013 at 5:07 AM, gincantalupo
<gincantal...@fgasoftware.com
<mailto:gincantal...@fgasoftware.com>> wrote:
Hi,
I get a lot of these messages on my Asterisk CLI:
"Failed to authenticate user
1000<sip:1000@MY_OWN_IP_ADDRESS>;tag=03f82bb9"
as if my PBX machine is trying to authenticate to itself. It
seems someone is attacking my asterisk PBX.
Is there a way to fix this problem?
in sip.conf I have guest connections permitted and have them going
to the default context which contains :-
[default]
; all unauthenticated connection attempts from the internet come
in here.
exten => _[+*#0-9].,1,NoOp(Unauthenticated call attempt -
${SIP_HEADER(Contact)})
exten => _[+*#0-9].,n,Congestion
Then in fail2ban I have it match the following :-
failregex = Registration from .* failed for \'<HOST>\' - Wrong
password
Unauthenticated call attempt .*\@<HOST>\:
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users