Thanks for quick responses. There is existing alarm for failed sipxconfig login, should a separate alarm event be defined for failed VM logins?
On Mon, May 9, 2011 at 3:00 PM, Gerald Drouillard <[email protected]>wrote: > On 5/9/2011 7:32 AM, barisyanar wrote: > > http://track.sipfoundry.org/browse/XX-4847 > > Hi all, > > Scott Lawrence's comment on the above item seemed logical to me. > I need more feedback on what kind of an alarm it should be? > Should it be a GUI warning which is shown after user login or a sound > played after a succesful VM login? > > I'll be glad to hear your comments on the issue. > > We should think of this like an email server exposed to the internet. > There are many bots that randomly pick user names and passwords trying brute > force attacks. With SIP the usernames are easier to guess (0, 100, 1000, > etc). The client IP should be locked out for X minutes, not the account. > This hook should be available for registration attempts also. > > Logging any failed login attempts (registration, vm, web) in a log file > (say sipauth.log) would make tools like fail2ban more efficient. > > -- > Regards > -------------------------------------- > Gerald Drouillard > Technology Architect > Drouillard & Associates, Inc.http://www.Drouillard.biz > > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
