:(
Seems they don't like my asterisk server no more. The attack is ended
one day ago.
As soon as it start again I'll collect the data!!
Thanks
On 12/22/2010 05:17 PM, Tom eastep wrote:
On 12/22/2010 04:21 AM, [email protected] wrote:
Hi everybody,
I have a very old and home made Asterisk PBX. Recently I can see other
annoying server in the net are trying to register SIP accounts on the
asterisk bound to my eth1 interface which has a public IP, directly
connected to the router. I'm using shorewall 2.2.3 on a Debian Sarge (I
said it was very old!). Yes...I've almost ready a pretty new PBX with
Debian Lenny and Shorewall 4.0.15 but all I'd like to know is if the
current "attacks" on my sip ports are due to the old kernel/shorewall or
my configuration.
Here the (old) cfg:
Policy (everything dropped):
fw all ACCEPT
net all DROP info
Rules (only udp traffic from my sip provider):
ACCEPT net:[my authorized sip provider IP] fw udp 1024:65535
Interfaces:
net eth1 detect tcpflags
I'm really curious because despite this configuration I'm receiving SIP
traffic from other unwanted IP.
Hard to say without specifics. Please show us:
- The output of 'iptables -L -n -v'
- The output of 'cat /proc/net/ip_conntrack'
Please collect this output when you are seeing unwanted traffic.
Thanks,
-Tom
------------------------------------------------------------------------------
Forrester recently released a report on the Return on Investment (ROI) of
Google Apps. They found a 300% ROI, 38%-56% cost savings, and break-even
within 7 months. Over 3 million businesses have gone Google with Google Apps:
an online email calendar, and document program that's accessible from your
browser. Read the Forrester report: http://p.sf.net/sfu/googleapps-sfnew
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Distinti saluti
--
Daniele Davolio
Information Technology Department
tel: +39 0522 268059
fax: +39 0522 331673
e-mail: [email protected]
web: www.mastertraining.it
Master Training S.r.l.
Sede Legale: via Timolini, 18 - Correggio (RE) - Italy
Sede Operativa: via Sani, 15 - Reggio Emilia - Italy
Sede Commerciale: via Sani, 9 - Reggio Emilia - Italy
================================================================
Le informazioni contenute in questa e-mail sono da considerarsi confidenziali e
esclusivamente per uso personale dei destinatari sopra indicati. Questo
messaggio può includere dati personali o sensibili. Qualora questo messaggio
fosse da Voi ricevuto per errore vogliate cortesemente darcene notizia a mezzo
e-mail e distruggere il messaggio ricevuto erroneamente. Quanto precede ai fini
del rispetto del Decreto Legislativo 196/2003 sulla tutela dei dati personali e
sensibili.
This e-mail and any file transmitted with it is intended only for the person or
entity to which is addressed and may contain information that is privileged,
confidential or otherwise protected from disclosure.Copying, dissemination or
use of this e-mail or the information herein by anyone other than the intended
recipient is prohibited. If you have received this e-mail by mistake, please
notify us immediately by telephone or fax.
------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and,
should the need arise, upgrade to a full multi-node Oracle RAC database
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
