On Thursday 04 Sep 2014, motty cruz wrote: > Hi A J, > believe me, I wish i do as you suggested, however I have a few extensions > outside the office with dynamic IPs, so that is not a possibility.
If you know what ISPs they are using, then you can allow just those ISPs' address ranges. That will slow things down, by requiring an attacker to be using the same ISP as a legitimate user. > Thanks > for your suggestions, I will try fail2ban. I don't know how complicated is > to implement that on production server. It's fairly easy -- but note that physical access to the server's console is highly desirable, lest you accidentally block yourself out from using ssh (not a mistake you want to make too many times). -- AJS Note: Originating address only accepts e-mail from list! If replying off- list, change address to asterisk1list at earthshod dot co dot uk . -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
