On Thu, Mar 31, 2011 at 7:17 AM, vip killa <[email protected]> wrote:
> Back to the original question, for those of you using Fail2Ban, > Does it take an unusually high amount of break-in attempts before attackers > are banned? > I have it set to 5 attempts in fail2ban but usually, the attacker is able > to make over 100 attempts before fail2ban bans them. > I've tried this using asterisk's /var/log/asterisk/messages and > /var/log/messages with same results. > Perhaps someone else is experiencing this or has resolved it, thank you. > > Check your log files. With the current generation of SIP attack scripts, I've seen hundreds of attacks come in within one second, especially if you've got decent bandwidth. I've seen fail2ban logs that state between 60-250 failed attempts for asterisk. I think it's just the nature of the speed of the attacks. -- Thanks, --Warren Selby, dCAP http://www.selbytech.com
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
