Hi All,
I see this kind of attack on our Asterisk Server, do you know how to block
that IP?
[Sep 4 07:41:06] NOTICE[7375]: chan_sip.c:23375 handle_request_invite:
Call from '' (213.136.81.166:9306) to extension '34422' rejected because
extension not found in context 'default'.
Thanks in
On 04-09-14 16:44, motty cruz wrote:
Hi All,
I see this kind of attack on our Asterisk Server, do you know how to
block that IP?
[Sep 4 07:41:06] NOTICE[7375]: chan_sip.c:23375 handle_request_invite:
Call from '' (213.136.81.166:9306 http://213.136.81.166:9306) to
extension '34422' rejected
Am 04.09.2014 16:44, schrieb motty cruz:
Hi All,
I see this kind of attack on our Asterisk Server, do you know how to
block that IP?
[Sep 4 07:41:06] NOTICE[7375]: chan_sip.c:23375
handle_request_invite: Call from '' (213.136.81.166:9306
http://213.136.81.166:9306) to extension '34422'
Thanks, looks like fail2ban is the way to go, I would prefer a different
alternatives if there is one. I tried deny=IP/netmask but did not work for
me, in sip.conf. seems like fail2ban is what you all are using, so I will
give it a try.
Thanks,
On Thu, Sep 4, 2014 at 7:58 AM, Thorsten Göllner
On Thursday 04 Sep 2014, motty cruz wrote:
Hi All,
I see this kind of attack on our Asterisk Server, do you know how to block
that IP?
Instead of blocking unwanted IPs, you should be permitting only wanted IPs.
--
AJS
Note: Originating address only accepts e-mail from list! If replying
Hi A J,
believe me, I wish i do as you suggested, however I have a few extensions
outside the office with dynamic IPs, so that is not a possibility. Thanks
for your suggestions, I will try fail2ban. I don't know how complicated is
to implement that on production server.
Thanks,
-Motty
On Thu,
Subject: Re: [asterisk-users] Asterisk secure fine tune - stop attack
Hi A J, believe me, I wish i do as you suggested, however I have a few
extensions outside the office with dynamic IPs, so that is not a possibility.
Thanks for your suggestions, I will try fail2ban. I don't know how complicated
: motty.c...@gmail.commailto:motty.c...@gmail.com
To: asterisk-users@lists.digium.commailto:asterisk-users@lists.digium.com
Subject: Re: [asterisk-users] Asterisk secure fine tune - stop attack
Hi A J,
believe me, I wish i do as you suggested, however I have a few extensions
outside the office
08:42:11 -0700
From: motty.c...@gmail.commailto:motty.c...@gmail.com
To: asterisk-users@lists.digium.commailto:asterisk-users@lists.digium.com
Subject: Re: [asterisk-users] Asterisk secure fine tune - stop attack
Hi A J,
believe me, I wish i do as you suggested, however I have a few extensions
Please don't top post.
On Thu, 4 Sep 2014, motty cruz wrote:
Hi A J, believe me, I wish i do as you suggested, however I have a few
extensions outside the office with dynamic IPs, so that is not a
possibility.
Do your few extensions travel to China, Russia, Iran, Iraq, North Korea,
etc?
On Thursday 04 Sep 2014, motty cruz wrote:
Hi A J,
believe me, I wish i do as you suggested, however I have a few extensions
outside the office with dynamic IPs, so that is not a possibility.
If you know what ISPs they are using, then you can allow just those ISPs'
address ranges. That will
On 4/9/14 4:58 pm, Eric Wieling wrote:
If we don't need to allow access from outside the USA we block access from all
non-ARIN IP addresses by using iptables. This takes care of at least 80% of
attacks.
Likewise here (though RIPE rather than ARIN, since we're the other side
of the pond).
Thank you all for your support, your suggestions are welcome.
Thanks,
On Thu, Sep 4, 2014 at 9:26 AM, Chris Bagnall aster...@lists.minotaur.cc
wrote:
On 4/9/14 4:58 pm, Eric Wieling wrote:
If we don't need to allow access from outside the USA we block access
from all non-ARIN IP addresses
13 matches
Mail list logo