So when someone's brute forcing your server is there a way to identify the originating IPs without using a tcpdump? When I get a failed auth on the console it shows 'acco...@asteriskserver' then tag=as25ca5023 (or some random string, though it's a bit odd as alwaysauthreject = yes is on in sip.conf). Anyway, the logs don't show anything more useful either. Is there something obvious I'm missing? Cranking up verbosity on the console doesn't seem to do anything.
hose -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
