On 01/19/2014 08:40 AM, Steve Murphy wrote:
Here's another idea! How about changing your port from 5060 to something
different, maybe 7067 or some other number that is not popularly being
used?
You'll provision your phones to use this port, and the scanners will not
find you. Seems a much simp
>
>
> I see MANY of these in my log files:
>
>
> [Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '"202"
> ' failed for '37.8.12.147:26832' - Wrong password
> [Jan 15 03:06:19] NOTICE[14129] chan_sip.c: Registration from '"5001"
> ' failed for '37.8.12.147:21268' - Wrong password
> [Ja
users-boun...@lists.digium.com] On Behalf Of Andrew Colin
Sent: Sunday, January 19, 2014 2:39 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] stopping unwanted attempts
Geoip works well to block all countries except your own
Regards
Andrew Colin-mobile
Vsa
...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Chris Bagnall
Sent: Sunday, January 19, 2014 10:40 AM
To: asterisk-users@lists.digium.com
Subject: Re: [asterisk-users] stopping unwanted attempts
On 19/1/14 2:57 pm, Ron Wheeler wrote:
> fail2ban is so easy to
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Chris Bagnall
Sent: Sunday, January 19, 2014 10:40 AM
To: asterisk-users@lists.digium.com
Subject: Re: [asterisk-users] stopping unwanted attempts
On 19/1/14 2:57 pm, Ron Wheeler wrote:
> fail2ban is so easy to set up, there is
On 19/1/14 2:57 pm, Ron Wheeler wrote:
fail2ban is so easy to set up, there is no reason not to set it up.
One of the dangers with fail2ban - at least in its default configuration
- is that a legitimate SIP phone with an incorrect password can quite
easily send dozens of registration attempts
Changing from 5060 is very effective.
Sure, someone with the knowledge could try all the ports IF they know you are
even running SIP, but it certainly will stop most of these idiots .
That along with fail2ban, not using numbers for device user names all will help.
Using IAX where possible also
fail2ban is so easy to set up, there is no reason not to set it up.
The geography problems are not so bad unless you have phones all over
the world or people travelling with softphones to countries that you
want to block.
It does not block incoming calls only people who want to mimic your own
On Sat, Jan 18, 2014 at 3:59 PM, Steve Edwards wrote:
> On Sat, 18 Jan 2014, Jerry Geis wrote:
>
> I see MANY of these in my log files:
>>
>> [Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '"202"
>> ' failed for '37.8.12.147:26832' - Wrong password
>>
>> What is the "correct" way t
On Sat, 18 Jan 2014, Jerry Geis wrote:
I see MANY of these in my log files:
[Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '"202"
' failed for '37.8.12.147:26832' - Wrong password
What is the "correct" way to block these idiots so they
don't even get this far.
Use iptables to
: [asterisk-users] stopping unwanted attempts
I see MANY of these in my log files:
[Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '"202"
' failed for '37.8.12.147:26832' - Wrong password
[Jan 15 03:06:19] NOTICE[14129] chan_sip.c: Registration from '&quo
I see MANY of these in my log files:
[Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '"202"
' failed for '37.8.12.147:26832' - Wrong password
[Jan 15 03:06:19] NOTICE[14129] chan_sip.c: Registration from '"5001"
' failed for '37.8.12.147:21268' - Wrong password
[Jan 15 03:06:23] NOT
12 matches
Mail list logo