21 mar 2010 kl. 18.22 skrev Philipp von Klitzing:
Hi Olle!
The work I started during Christmas - Named ACL's - is a starting point
that other developers can use to develop all kind of schemes.
http://www.voip-forum.com/asterisk/2010-01/manageable-access-control-lists
-asterisk-nacls/
19 mar 2010 kl. 03.41 skrev Philipp von Klitzing:
Hey hey!
My first step will be to strengthen the passwords in use, and for the
hardphones to restrict by IP address, but that still leaves the
softphone quite widely open.
Asterisk doesn't differentiate between a hard phone and a soft
Hi Olle!
The work I started during Christmas - Named ACL's - is a starting point
that other developers can use to develop all kind of schemes.
http://www.voip-forum.com/asterisk/2010-01/manageable-access-control-lists
-asterisk-nacls/
Very interesting. Doesn't look like this has any chance
Has anyone done this with OpenSIPS? For example where it fronts an
Asterisk cluster with the load balancer module?
Thanks,
Gavin.
On 19/03/2010, Ryan Bullock rrb3...@gmail.com wrote:
Hey Philipp,
You can check out
http://www.voip-info.org/wiki/view/Fail2Ban+(with+iptables)+And+Asterisk
Hey Philipp,
You can check out
http://www.voip-info.org/wiki/view/Fail2Ban+(with+iptables)+And+Asterisk for
setting up from brute force detection and blocking with asterisk. There are
also a link at the bottom about rate limiting registrations via iptables.
--
Hey hey!
My first step will be to strengthen the passwords in use, and for the
hardphones to restrict by IP address, but that still leaves the
softphone quite widely open.
Asterisk doesn't differentiate between a hard phone and a soft phone.
Although: One could think about enhancing
Philipp, remembering sip user agent is a wondeful idea, and if you goggle
it, somebody had made a patch for it, so that one could identify sip devices
by their sip user agent names. Surprisingly the decision makers didn't like
to put it in the production branch of asterisk at that time, however it