I have been using rpm version of asterisk 1.6. However, I notice the support
for gtalk is absent from rpm. I tried to compile source code and then moved
to the /usr/lib/asterisk/modules. But the modules cannot be loaded.
Anyone has successful experience.
Mine is using 1.6.2.12.
I also tried in
My main asterisk server is under unusual heavy attack, and so far Fail2Ban
has blocked about 30 IPs, from various different countries. At this time it
is blocking about 1 IP address every few minutes.
Just wondering if anybody else is also experiencing unusually increased hack
attempts today?
Me too.
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Zeeshan Zakaria
Sent: Saturday, October 30, 2010 11:29 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: [asterisk-users] Under heavy attack
My main
I'm experiencing this on one of my clients servers. The attack is ongoing.
Thanks,
--Warren Selby
On Oct 30, 2010, at 2:28 PM, Zeeshan Zakaria zisha...@gmail.com wrote:
My main asterisk server is under unusual heavy attack, and so far Fail2Ban
has blocked about 30 IPs, from various
Is there really any benefit to blocking these, if you use good passwords?
On Sat, Oct 30, 2010 at 1:20 PM, Warren Selby wcse...@selbytech.com wrote:
I'm experiencing this on one of my clients servers. The attack is ongoing.
Thanks,
--Warren Selby
On Oct 30, 2010, at 2:28 PM, Zeeshan
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
We are also seeing an increase in attacks. And yes, there is a benefit
to blocking them. They tend to go away if you have them restricted,
where if you let them go at it, they will sit on your host for sometimes
hours.
Stu
On 10/30/2010 12:43 PM,
On 10/30/2010 04:07 PM, Stuart Sheldon wrote:
any registry of abusers like for spam ?
any list of complete ip ranges for countries where abuse is rampant to
block ?
I am getting sick of the one offs and ready to start blocking big chunks
of address space.
-BEGIN PGP SIGNED
Hello All,Would be possible someone send me driver for tormenta 3 pcicard ? I see that www.govarion.com is no longer available.Thank you so much.Jeff
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New
Hello All,Would be possible someone send me driver for tormenta 3 pcicard ? I see that Govarion website is no longer available.Thank you so much.Jeff
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
I wonder if anyone out there has a perspective on this. There are a
welter of tickets out there on the matter, most of them closed.
This problem began for me over a year ago, and continues up to the
latest versions I've installed (1.6.2.13).
It happens randomly, and the suggestion on one of
On Sat, 2010-10-30 at 14:28 -0400, Zeeshan Zakaria wrote:
My main asterisk server is under unusual heavy attack, and so far
Fail2Ban has blocked about 30 IPs, from various different countries.
At this time it is blocking about 1 IP address every few minutes.
Just wondering if anybody else is
We have about 8-10 boinking us. They generally run a 1- peer attack and
a few alphas like common words or eieio We use large, complex peer IDs
and passwords, so they have a long way to go. I am happy to help keep them
busy.
I also send messages to their network abuse address.
Cary Fitch
While on the subject,
what is digium doing on my port 113?
just from my logfile:
Oct 31 01:11:07 fw2 kernel: EXT; INC, INTRUDER IN=eth0 OUT=
MAC=08:00:20:da:3b:4a:00:90:1a:42:70:d3:08:00
SRC=216.207.245.17 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15394 PROTO=TCP
SPT=56211 DPT=113 WINDOW=0
Probably doing an ident lookup when you send mail to the list. Standard
sendmail behavior.
On Oct 30, 2010, at 5:37 PM, Hans Witvliet h...@a-domani.nl wrote:
While on the subject,
what is digium doing on my port 113?
just from my logfile:
Oct 31 01:11:07 fw2 kernel: EXT; INC,
You kidding?
On Sat, Oct 30, 2010 at 3:43 PM, Joel Maslak jmas...@antelope.net wrote:
Is there really any benefit to blocking these, if you use good passwords?
On Sat, Oct 30, 2010 at 1:20 PM, Warren Selby wcse...@selbytech.com wrote:
I'm experiencing this on one of my clients servers. The
On Sat, Oct 30, 2010 at 01:43:49PM -0600, Joel Maslak wrote:
Is there really any benefit to blocking these, if you use good passwords?
Regardless of any threat from those attacks succeeding, they completely
saturated the uplink in our ADSL-connected office.
What are they after, anyway? Merely
On 10/29/2010 04:40 AM, jon pounder wrote:
On 10/28/2010 11:18 PM, GBR Icasiano, Ryan A. wrote:
Here is what I do today and it works fine:
- asterisk/trixbox
- Dext/android phone
- Bell Canada cell provider
- call comes in, to an extension with voicemail
- rings a bunch of sip devices
On 31 Oct 2010, at 01:29, Joel Maslak wrote:
Probably doing an ident lookup when you send mail to the list. Standard
sendmail behavior.
Agreed. Nothing to worry about.
S
--
_
-- Bandwidth and Colocation Provided by
No. It seems that opening up some sort of automatic blocking could cause an
attacker forging packets to block legitimate endpoints. It also seems like they
won't get in with good passwords, so it isn't actually accomplishing something
to worry about the script kiddies if you have good
Ah, that makes sense - I probably would restrict to only known endpoints by IP
address if I has only DSL bandwidth. But blocking attackers makes sense if
that isn't an option.
Yes, they are after cheap calls.
On Oct 30, 2010, at 7:23 PM, Tzafrir Cohen tzafrir.co...@xorcom.com wrote:
On Sat,
My count has reached 100 for the day. The server serves doesn't serve
international calls anyways, I wonder how would it benefit any hacker in any
way.
--
Zeeshan
Sat, Oct 30, 2010 at 9:33 PM, Joel Maslak jmas...@antelope.net wrote:
No. It seems that opening up some sort of automatic
On Sun, Oct 31, 2010 at 03:23:52AM +0200, Tzafrir Cohen wrote:
On Sat, Oct 30, 2010 at 01:43:49PM -0600, Joel Maslak wrote:
Is there really any benefit to blocking these, if you use good passwords?
Regardless of any threat from those attacks succeeding, they completely
saturated the uplink
They have agreements for termination to locations with high rates.
These types of attacks happen on servers that fit a digital signature.
With certain ports or certain versions of software on those ports.
Yes the Art of War is required reading for todays systems
administration professionals...
On 10/30/2010 09:24 PM, Sebastian wrote:
On 10/29/2010 04:40 AM, jon pounder wrote:
On 10/28/2010 11:18 PM, GBR Icasiano, Ryan A. wrote:
Here is what I do today and it works fine:
- asterisk/trixbox
- Dext/android phone
- Bell Canada cell provider
- call comes in, to an extension
To me it seems the real question is What is going on today?. I normally get
eight to ten asterisk-related fail2ban alerts a day between a few client sites
- today I've received at least 10 times that many attacks on just one site.
These are all coming in from different ip addresses, a new one
On 10/30/2010 11:25 PM, Warren Selby wrote:
To me it seems the real question is What is going on today?. I normally get
eight to ten asterisk-related fail2ban alerts a day between a few client
sites - today I've received at least 10 times that many attacks on just one
site. These are all
Any particular IP addresses or ranges of addresses? I haven't seen any
big upsurge.
On 10/30/2010 03:15 PM, Bruce Komito wrote:
Me too.
*From:*asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] *On Behalf Of
*Zeeshan Zakaria
*Sent:* Saturday, October
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/30/2010 08:25 PM, Warren Selby wrote:
To me it seems the real question is What is going on today?. I
normally get eight to ten asterisk-related fail2ban alerts a day
between a few client sites - today I've received at least 10 times
that
One word: Rubbish
On Sat, Oct 30, 2010 at 9:33 PM, Joel Maslak jmas...@antelope.net wrote:
No. It seems that opening up some sort of automatic blocking could cause an
attacker forging packets to block legitimate endpoints. It also seems like
they won't get in with good passwords, so it
29 matches
Mail list logo
