I see MANY of these in my log files:
[Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '202
sip:202@X:5060' failed for '37.8.12.147:26832' - Wrong password
[Jan 15 03:06:19] NOTICE[14129] chan_sip.c: Registration from '5001
sip:5001@X:5060' failed for '37.8.12.147:21268' -
On 01/19/2014 08:40 AM, Steve Murphy wrote:
Here's another idea! How about changing your port from 5060 to something
different, maybe 7067 or some other number that is not popularly being
used?
You'll provision your phones to use this port, and the scanners will not
find you. Seems a much
On Sat, Jan 18, 2014 at 3:59 PM, Steve Edwards asterisk@sedwards.comwrote:
On Sat, 18 Jan 2014, Jerry Geis wrote:
I see MANY of these in my log files:
[Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '202
sip:202@X:5060' failed for '37.8.12.147:26832' - Wrong password
fail2ban is so easy to set up, there is no reason not to set it up.
The geography problems are not so bad unless you have phones all over
the world or people travelling with softphones to countries that you
want to block.
It does not block incoming calls only people who want to mimic your
Changing from 5060 is very effective.
Sure, someone with the knowledge could try all the ports IF they know you are
even running SIP, but it certainly will stop most of these idiots .
That along with fail2ban, not using numbers for device user names all will help.
Using IAX where possible also
On 19/1/14 2:57 pm, Ron Wheeler wrote:
fail2ban is so easy to set up, there is no reason not to set it up.
One of the dangers with fail2ban - at least in its default configuration
- is that a legitimate SIP phone with an incorrect password can quite
easily send dozens of registration
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Chris Bagnall
Sent: Sunday, January 19, 2014 10:40 AM
To: asterisk-users@lists.digium.com
Subject: Re: [asterisk-users] stopping unwanted attempts
On 19/1/14 2:57 pm, Ron Wheeler wrote:
fail2ban is so easy to set up, there is no reason
@lists.digium.com
Subject: Re: [asterisk-users] stopping unwanted attempts
It is far worse when you have multiple phones behind the same public address
(i.e. NAT). If any one of the phones has a bad password and the IP gets
blocked by fail2ban, then all phones at that site would be blocked
...@lists.digium.com] On Behalf Of Andrew Colin
Sent: Sunday, January 19, 2014 2:39 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] stopping unwanted attempts
Geoip works well to block all countries except your own
Regards
Andrew Colin-mobile
Vsave(PTY)Ltd
Fail2ban works well otherwise you can write your own script im bash or perl to
block them in iptables
Regards
Andrew Colin-mobile
Vsave(PTY)Ltd
Original message
From: Jerry Geis ge...@pagestation.com
Date:18/01/2014 10:59 PM (GMT+02:00)
To:
On Sat, 18 Jan 2014, Jerry Geis wrote:
I see MANY of these in my log files:
[Jan 15 03:06:12] NOTICE[14129] chan_sip.c: Registration from '202
sip:202@X:5060' failed for '37.8.12.147:26832' - Wrong password
What is the correct way to block these idiots so they
don't even get this far.
Use
11 matches
Mail list logo