Hello list, I've got a client who's weak sip passwords are being guessed by remote entities who then connect to their server and use it to wardial large swaths of numbers. When they start receiving complaints, they call me and I add the ip address of the remote user to the iptables drop list.
At the same time, my own personal asterisk server, using strong sip passwords, has seen connections from remote entities. I'm not sure how these passwords were guessed (or even if they were guessed), as they were at a minimum 10 characters long, not based on dictionary words, and used numbers, letters, and symbols. Is there some logging capability that allows me to see every IP address of every sip registration attempt, along with details about the sip reg attempt (I.e user name tried, success or failure, user agent, etc). I haven't found a way to do this yet, I'm hoping I've just missed something simple? Thanks, Warren Selby -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
