On Apr 28, 2011, at 7:27 AM, Ingmar Schraub wrote:
> On 04/28/2011 01:06 PM, Joss Giffard wrote:
>> Hi,
>>
>> I recently updated our asterisk system to astlinux 0.7.7 whilst moving
>> to a new SIP trunk provider. Everything seems to be up and running
>> correctly apart from the fact that very occasionally each of the VoIP
>> phones will receive an incoming call from 'asterisk' that once answered
>> is simply silence... I was wondering if anyone else has experienced
>> anything similar or has any idea what would be causing this (or indeed
>> how to cure it). The phones themselves are all Grandstream GXP2000s.
>
> Looks like SIP scanning/spamming/toll fraud attack. You could tweak your
> Asterisk configuration to not allow any other un-authenticated inbound
> calls than from your SIP trunk provider and/or add some further security
> controls to prevent such things.
>
> Here is a report from someone who had a similar experience:
>
> http://www.fonality.com/trixbox/forums/trixbox-forums/open-discussion/blank-call-caller-id-asterisk
>
> There are also some ideas on how to block such calls. Some are good,
> some may not make sense to everyone.
>
> Regards,
>
> Ingmar
I agree with Ingmar, additionally if you are using Asterisk 1.4 you might want
to set:
--
alwaysauthreject=yes
--
(Asterisk 1.8 defaults to yes) to reduce the amount of information to the
scanner.
You may also want to enable the Adaptive Ban plugin:
Network Tab -> Firewall Plugins: [ adaptive-ban ]
set to ENABLED=1 via the { Configure Plugin } button, adjust any options and
"Restart Firewall" to apply.
The Adaptive Ban firewall plugin operates on the same principle as Fail2Ban,
automatically blocking IP addresses that generate errors in the logs over a
pre-defined threshold.
Lonnie
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
