Bug#714861: Asterisk do not log source IP for Failed to authenticate device
Package: Asterisk Version: 1:1.8.13.1~dfsg-3 Problem: Asterisk 1.8 do not log source IP address used for brute force attacks in some cases. Thus usage of Fail2ban or other tools is limited. [Jul 3 17:50:33] NOTICE[9381] chan_sip.c: Failed to authenticate device 2011sip:2011@88.87.95.127;tag=b64644c2 bug like http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706739 for Asterisk 1.6 in Squeeze Best Regard Kozak Ivan -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#714861: Asterisk do not log source IP for Failed to authenticate device
On Wed, Jul 03, 2013 at 06:36:44PM +0400, Козак Иван Васильевич wrote: Package: Asterisk Version: 1:1.8.13.1~dfsg-3 Problem: Asterisk 1.8 do not log source IP address used for brute force attacks in some cases. Thus usage of Fail2ban or other tools is limited. [Jul 3 17:50:33] NOTICE[9381] chan_sip.c: Failed to authenticate device 2011sip:2011@88.87.95.127;tag=b64644c2 bug like http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706739 for Asterisk 1.6 in Squeeze This is technically a simple issue to fix (I don't have the upstream issue handy, but it's nothing much more thn a fix of a format string and such). Upstream declined to do so for 1.8 as it was too late to do so by the time it froze. For the same reason I don't see this bug getting fixed in Wheezy (right?). For 11 (which should hopefully land in Unstable there is a separate security log source that lists security events in a much better way. -- Tzafrir Cohen icq#16849755 jabber:tzafrir.co...@xorcom.com +972-50-7952406 mailto:tzafrir.co...@xorcom.com http://www.xorcom.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#714861: Asterisk do not log source IP for Failed to authenticate device
Op 2013-07-04 om 01:48 schreef Tzafrir Cohen: On Wed, Jul 03, 2013 at 06:36:44PM +0400, Kozakman wrote: Thus usage of Fail2ban or other tools is limited. This is technically a simple issue to fix (I don't have the upstream issue handy, but it's nothing much more thn a fix of a format string and such). Upstream declined to do so for 1.8 as it was too late to do so by the time it froze. For the same reason I don't see this bug getting fixed in Wheezy (right?). On the other hand is this particular string format fix a security update. Groeten Geert Stappers -- Leven en laten leven signature.asc Description: Digital signature
