[Astlinux-users] adaptive-ban for SIP calls

Tue, 13 Aug 2013 10:38:42 -0700 

Currently running the latest (v112) release of Astlinux. I have enabled the 
adaptive-ban and ids-protection firewall plugins. My AstLinux box is sitting 
behind my router, where I have port-forwaded 5060-5061 for SIP and my RTP ports.

I just took a look in /var/log/asterisk/messages and found the snippet below. 
What is the best way to block these "attacks"?


[Aug 13 12:44:09] NOTICE[1345] chan_sip.c: Call from '' (94.23.202.102:5074) to 
extension '011972597540595' rejected because extension not found in context 
'default'.
[Aug 13 12:44:10] NOTICE[1345] chan_sip.c: Call from '' (94.23.202.102:5084) to 
extension '9011972597540595' rejected because extension not found in context 
'default'.
[Aug 13 12:44:11] NOTICE[1345] chan_sip.c: Call from '' (94.23.202.102:5090) to 
extension '00972597540595' rejected because extension not found in context 
'default'.
[Aug 13 12:44:11] NOTICE[1345] chan_sip.c: Call from '' (94.23.202.102:5070) to 
extension '1011972597540595' rejected because extension not found in context 
'default'.
[Aug 13 12:44:12] NOTICE[1345] chan_sip.c: Call from '' (94.23.202.102:5082) to 
extension '0011972597540595' rejected because extension not found in context 
'default'.
[Aug 13 12:44:13] NOTICE[1345] chan_sip.c: Call from '' (94.23.202.102:5071) to 
extension '7011972597540595' rejected because extension not found in context 
'default'.
[Aug 13 12:44:14] NOTICE[1345] chan_sip.c: Call from '' (94.23.202.102:5084) to 
extension '8011972597540595' rejected because extension not found in context 
'default'.


cheers,
   Shamus
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead. 
Download for free and get started troubleshooting in minutes. 
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.

Reply via email to