On 08/24/2010 12:09 PM, Jason Rose wrote:
I was just wondering if anyone is keeping a local database of troublesome IP
addresses?
Im in my server now and noticed yet another attempt from a different IP, this
one bruteforced extensions, then passwords - luckly I hardened all of mine last
night!
Attacks will happen all the time, the only way to stop them is to block
all unknown IP's but this is really on viable if you know the source
IP's of all connecting machines. The other is to allow fail2ban to watch
your asterisk logs how to here :
http://www.fail2ban.org/wiki/index.php/Asterisk
Also I now get an error "chan_sip.c:1948 retrans_pkt: Maximum retries exceeded
on transmission" and all of my calls hang up after appx 2 seconds, the only
changes I made were:
1) changing passwords (all hard phones have been updated)
2) iptables -A INPUT -s 93.114.196.160 -j DROP
3) iptables -A OUTPUT -d 93.114.196.160 -j DROP
4) added both IPs to the hosts.deny file
Did you add the IP's correctly to iptables? It's possible that you
accidently blocked ? You should look at your iptables rules "iptables
--list" and see what is marked for as DROP
I cannot seem to make the system work now!?!
Any help is much appreciated!
Thanks,
Jason
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 9.0.851 / Virus Database: 271.1.1/3091 - Release Date: 08/24/10
02:34:00
--
Mike Ashton
Quality Track International
Work: +1 647 724 3500 x251
Cell: +1 416 527 4995
QTI CONFIDENTIAL AND PROPRIETARY INFORMATION
The contents of this material are confidential and proprietary to Quality Track
International, Inc.
and may not be reproduced, disclosed, distributed or used without the express
permission of an authorized representative of QTI.
Use for any purpose or in any manner other than that expressly authorized is
prohibited.
If you have received this communication in error, please immediately delete it
and all copies, and promptly notify the sender.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
