On 01/19/2014 08:40 AM, Steve Murphy wrote:
Here's another idea! How about changing your port from 5060 to something
different, maybe 7067 or some other number that is not popularly being
used?
You'll provision your phones to use this port, and the scanners will not
find you. Seems a much simpler solution... but there are some drawbacks...
can anyone think of them? And will these drawbacks matter to you? And,
given
this solution, will the odds that a scanner might find your machine be
so low,
that it is not worth using something like fail2ban to override them? Food
for thought!
murf
We use this tactic. I never seen scanners in my logs anymore. Haven't
had any issues with it to date... we use Linksys, Polycom, Yealink,
Grandstream, and Audiocodes products. All have the ability to specify
the registration port.
Cheers,
j
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
