I think you're looking for Snort or Suricata. Presumably someone would
have detections for asterisk by now?
--
Steve Yates
ITS, Inc.
mayak wrote on Sat, Jul 25 2015 at 7:31 am:
hi all,
i have a number of asterisk instances behind pfsense -- 5060 is open to the
public, and of
hi all,
i have a number of asterisk instances behind pfsense -- 5060 is open to the
public, and of course, i have incessant attempts to make free calls.
for the moment, i use an iptables rule:
iptables --append local-external --protocol udp -m udp --sport 5060 -m string --string
SIP/2.0 403