Re: [asterisk-users] Detecting DoS attacks via SIP

2017-08-17 Thread tirveni yadav 
I shall recommend fail2ban. We have been using fail2ban successfully for
our Asterisk servers (Debian).

Help on using fail2ban with Asterisk server:
https://www.voip-info.org/wiki/view/Fail2Ban+%28with+iptables%29+And+Asterisk


On Thu, Aug 17, 2017 at 10:10 AM, Kseniya Blashchuk 
wrote:
> Well, correct me if I'm wrong, but I would say this conversation you have
> posted is a bit outdated, now fail2ban can be used with asterisk security
> log
> https://wiki.asterisk.org/wiki/display/AST/Asterisk+Security+Event+Logger.
>
>
> On Thu, Aug 17, 2017, 4:53 AM Telium Technical Support 
> wrote:
>>
>> Keep in mind that the attacks you are seeing in the log are ONLY the ones
>> that Asterisk is detecting and rejecting.  All other attacks aren't even
>> showing up!
>>
>> There's a good discussion of how to secure your PBX here:
>> https://www.voip-info.org/wiki/view/asterisk+security
>>
>> In general, don't let the malevolent traffic get as far as the PBX (block
>> at
>> the firewall).  Also, Digium regularly warns users that fail2ban is NOT a
>> security system: http://forums.asterisk.org/viewtopic.php?p=159984
>>
>> -Original Message-
>> From: asterisk-users-boun...@lists.digium.com
>> [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of mdiehl
>> Sent: Tuesday, August 15, 2017 3:38 PM
>> To: asterisk-users@lists.digium.com
>> Subject: [asterisk-users] Detecting DoS attacks via SIP
>>
>> Hi all,
>>
>> Lately, I've seen an increase in the number of attacks against my system
>> from the so-called "Friendly Scanner."  When one of these script kiddies
>> targets my server, all I see for symptoms is a few of my trunks become
>> lagged due to server load and a stream of messages on the console that
>> resemble this:
>>
>> [Aug  2 20:27:50]   == Using SIP VIDEO CoS mark 6
>> [Aug  2 20:27:50]   == Using SIP RTP TOS bits 24
>> [Aug  2 20:27:50]   == Using SIP RTP CoS mark 5
>> [Aug  2 20:32:47]   == Using SIP VIDEO TOS bits 24
>> [Aug  2 20:32:47]   == Using SIP VIDEO CoS mark 6
>> [Aug  2 20:32:47]   == Using SIP RTP TOS bits 24
>> [Aug  2 20:32:47]   == Using SIP RTP CoS mark 5
>> [Aug  2 20:34:26]   == Using SIP VIDEO TOS bits 24
>> [Aug  2 20:34:26]   == Using SIP VIDEO CoS mark 6
>>
>>
>> I have to turn on sip debugging to find out who's hitting me.  However, I
>> can't just leave it on because it would kill my logging system.
>>
>> So, how are other people handling this?  Is there an AMI event I want
>> watch
>> for?  I watch for PeerStatus, but since there's no actual peer in the
>> attack, I don't seem to get an event from AMI.
>>
>> Any ideas?
>>
>> Mike Diehl.
>>
>> --
>> _
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>>
>> New to Asterisk? Start here:
>>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>>
>> --
>> _
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>>
>> New to Asterisk? Start here:
>>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
> --
> _
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at:
> https://community.asterisk.org/
>
> New to Asterisk? Start here:
>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>http://lists.digium.com/mailman/listinfo/asterisk-users



-- 
Regards,

Tirveni Yadav

www.bael.io

What is this Universe ? From what it arises ? Into what does it go?
In freedom it arises, In freedom it rests and into freedom it melts away.
Upanishads.
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Pass CallerId/Privacy info from A Leg to B Leg

2017-08-17 Thread Grant Bagdasarian 
Thank you! Will try it!

-Original Message-
From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Daniel Tryba
Sent: donderdag 17 augustus 2017 11:08
To: Asterisk Users Mailing List - Non-Commercial Discussion 

Subject: Re: [asterisk-users] Pass CallerId/Privacy info from A Leg to B Leg

On Thu, Aug 17, 2017 at 07:28:00AM +, Grant Bagdasarian wrote:
> Is there an option to give to the Dial command, or another variable to set, 
> to make Asterisk copy such information to the B Leg?
> Or do I have to program this out myself?

In chan_sip there are the trustrpid and sendrpid option:

;trustrpid = no ; If Remote-Party-ID should be trusted
;sendrpid = pai ; Use the "P-Asserted-Identity" header
; to send the identity of the remote party 

In pjsip:
;trust_id_inbound=no; Accept identification information received from this
; endpoint (default: "no")
;trust_id_outbound=no   ; Send private identification details to the endpoint
; (default: "no")
;send_pai=no; Send the P Asserted Identity header (default: "no")


-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Pass CallerId/Privacy info from A Leg to B Leg

2017-08-17 Thread Daniel Tryba 
On Thu, Aug 17, 2017 at 07:28:00AM +, Grant Bagdasarian wrote:
> Is there an option to give to the Dial command, or another variable to set, 
> to make Asterisk copy such information to the B Leg?
> Or do I have to program this out myself?

In chan_sip there are the trustrpid and sendrpid option:

;trustrpid = no ; If Remote-Party-ID should be trusted
;sendrpid = pai ; Use the "P-Asserted-Identity" header
; to send the identity of the remote party 

In pjsip:
;trust_id_inbound=no; Accept identification information received from this
; endpoint (default: "no")
;trust_id_outbound=no   ; Send private identification details to the endpoint
; (default: "no")
;send_pai=no; Send the P Asserted Identity header (default: "no")


-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Pass CallerId/Privacy info from A Leg to B Leg

2017-08-17 Thread Grant Bagdasarian 
Hi,

I'm using Asterisk to bridge the incoming call to another destination using the 
Dial command.
However, when an anonymous call comes in then privacy information is not passed 
into the B Leg.
For instance, the Privacy header and P-Asserted-Identity aren't copied to the B 
Leg.

Is there an option to give to the Dial command, or another variable to set, to 
make Asterisk copy such information to the B Leg?
Or do I have to program this out myself?

Regards,

Grant
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users