Hello list. I'm trying to find a way to block any ip that tries to login more than three times with the wrong password and try to log in three different extensions. For I have suffered some brute force attacks on my asterisk in the morning period.
The idea would be: Any ip with three attempts without success to log into an extension is blocked. Is there any way to accomplish this directly by the asterisk? Or is there some kind of asterisk spit this information via the AMI? I was wondering to make a Java program to listen to the AMI and create a rule in iptables for ip in specific. Does anyone have any suggestions? Thanks, Rodrigo Lang.
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users