I had to install fail2ban and configure it to watch Asterisk.

Ron

On 27/11/2012 2:11 PM, Mitul Limbani wrote:

You might want to share the know-how over here if it's not a chan_sip patch.

Mitul

On Nov 28, 2012 12:28 AM, "Ron Wheeler" <rwhee...@artifact-software.com> wrote:

    On 27/11/2012 12:58 PM, Christopher Harrington wrote:

    It's an open source project. Pay a programmer or make the
    modification yourself and submit a patch.

    You don't really want me coding!
    I have solved the problem for me.

    Just add it to the queue of enhancements for the next time someone
    is working on SIP.

    Ron



    On Sat, Nov 24, 2012 at 4:51 PM, Ron Wheeler
    <rwhee...@artifact-software.com> wrote:

        In looking through my logs, I found that people were probing
        my SIP accounts looking for passwords.
        Asterisk was helping them out by processing hundreds of
        requests per minute.
        I did a bit of Googling and this seems to be a frequent knock
        against Asterisk's security.

        It would seem pretty simple to add a configuration setting to
        sip.conf to delay the response to a bad account or password.

        There is a half measure to confuse the probe by sending the
        same error return for either error.
        It appears that many people have complained that this should
        be the default setting, only changed if you are debugging a
        problem.

        There is no reason for a working system to ever have bad
        passwords so this is clearly an attack in almost every case.

        A simple delay would solve the problem for most people who
        use reasonable passwords.

        I had to install fail2ban which is a PITA but thanks to
        someone's clear recipe, I was able to get it working.

        I hope that this can be worked into a release soon.

        Ron

        --
        Ron Wheeler
        President
        Artifact Software Inc
        email: rwhee...@artifact-software.com
        skype: ronaldmwheeler
        phone: 866-970-2435, ext 102


        --
        _____________________________________________________________________
        -- Bandwidth and Colocation Provided by
        http://www.api-digital.com --
        New to Asterisk? Join us for a live introductory webinar
        every Thurs:
        http://www.asterisk.org/hello

        asterisk-users mailing list
        To UNSUBSCRIBE or update options visit:
        http://lists.digium.com/mailman/listinfo/asterisk-users




    --
    -Chris Harrington
    ACSDi Office: 763.559.5800
    Mobile Phone: 612.326.4248







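The thread never shows the fail2ban recipe itself, so here is an added example (not code from any poster or from the fail2ban or Asterisk projects) of the check such a jail performs on the Asterisk log: count chan_sip registration failures per source address inside a time window and flag the address once a threshold is reached. The log lines are constructed, and `find_offenders`, `sample_log` and the default thresholds are assumptions; `maxretry` and `findtime` are named after fail2ban's jail options.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# chan_sip logs one NOTICE per rejected REGISTER; the reason text varies
# ("Wrong password", "No matching peer found"), and newer versions append :port.
FAILED = re.compile(
    r"^\[(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\] NOTICE\[\d+\] chan_sip\.c: "
    r"Registration from '.*' failed for '(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?' - .+$"
)

def find_offenders(lines, maxretry=5, findtime=timedelta(seconds=60)):
    """Return {ip: timestamp of the failure that reached maxretry within findtime}."""
    recent = defaultdict(deque)  # ip -> failure times still inside the window
    banned = {}
    for line in lines:
        m = FAILED.match(line.strip())
        if not m or m["ip"] in banned:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > findtime:  # forget failures older than findtime
            window.popleft()
        if len(window) >= maxretry:
            banned[m["ip"]] = ts
    return banned

def sample_log():
    """Constructed log lines (documentation-range addresses), not real traffic."""
    fmt = ("[2012-11-24 16:{m:02d}:{s:02d}] NOTICE[2214] chan_sip.c: Registration from "
           "'\"{ext}\" <sip:{ext}@192.0.2.10>' failed for '{src}' - {why}")
    lines = []
    for s in range(6):  # one source guessing six extensions in six seconds
        why = "Wrong password" if s % 2 else "No matching peer found"
        lines.append(fmt.format(m=40, s=s, ext=100 + s, src="198.51.100.23:5060", why=why))
    for m in (41, 51):  # a real user mistyping a password twice, ten minutes apart
        lines.append(fmt.format(m=m, s=0, ext=201, src="203.0.113.7", why="Wrong password"))
    lines.append("[2012-11-24 16:52:00] NOTICE[2214] chan_sip.c: Peer '201' is now Reachable")
    return lines

if __name__ == "__main__":
    for ip, when in find_offenders(sample_log()).items():
        print(f"ban {ip} (threshold reached at {when})")
```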