On Thursday 02 Mar 2017, Telium Technical Support wrote: > If this is a small site, I recommend you download the free version of > SecAst (www.telium.ca <http://www.telium.ca> ) and replace fail2ban. > SecAst does NOT use the log file, or regexes, to match etc.instead it > talks to Asterisk through the AMI to extract security information. > Messing with regexes is a losing battle, and the lag in reading logs can > allow an attacker 100+ registration attempts before fail2ban even does > anything (assuming the IP is exposed in the Asterisk log).
I would recommend exactly the opposite. If you install proprietary, binary- only software on your system, you have no way to verify its integrity. This is no throwaway portable device, it is the heart of your business's telephone system. Do not go compromising its security by installing software that can't be independently verified. Ask yourself two questions: (1) Would you eat a cake that did not have the ingredients listed on the box? And (2) why would the manufacturer *not* tell you what ingredients they were using -- unless they suspected that if you knew for sure what was actually in the cake, you might not be so inclined to eat it after all? -- Julie Note: Originating address only accepts e-mail from list! If replying off- list, change address to asterisk1list at earthshod dot co dot uk . -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
