Raised more questions: 1 - IP Ban: How would this work if the call is made via gateway (e.g. Audiocodes). Should we do something with caller ID?
2- Account blocking: Shouldn't this be a generic mechanism including also user portal access failures and then password renewal automation etc. (Does there exist an issue for this? I don't know ) 3- If we come back to VM; shouldn't there be a warning playback saying remaining access numbers during multiple wrong login attempts in "short period". 4- The definition of "short period"? Is it a single call made to VM or may it include multiple calls in a "short period"? These are all for now :) Regards, Baris. On Tue, May 10, 2011 at 3:18 AM, Michael Picher <[email protected]> wrote: > I would think so... > > and there should be one for failed sip registrations too... > > > On Mon, May 9, 2011 at 10:50 AM, barisyanar <[email protected]> wrote: > >> Thanks for quick responses. >> >> There is existing alarm for failed sipxconfig login, should a separate >> alarm event be defined for failed VM logins? >> >> On Mon, May 9, 2011 at 3:00 PM, Gerald Drouillard < >> [email protected]> wrote: >> >>> On 5/9/2011 7:32 AM, barisyanar wrote: >>> >>> http://track.sipfoundry.org/browse/XX-4847 >>> >>> Hi all, >>> >>> Scott Lawrence's comment on the above item seemed logical to me. >>> I need more feedback on what kind of an alarm it should be? >>> Should it be a GUI warning which is shown after user login or a sound >>> played after a succesful VM login? >>> >>> I'll be glad to hear your comments on the issue. >>> >>> We should think of this like an email server exposed to the internet. >>> There are many bots that randomly pick user names and passwords trying brute >>> force attacks. With SIP the usernames are easier to guess (0, 100, 1000, >>> etc). The client IP should be locked out for X minutes, not the account. >>> This hook should be available for registration attempts also. >>> >>> Logging any failed login attempts (registration, vm, web) in a log file >>> (say sipauth.log) would make tools like fail2ban more efficient. >>> >>> -- >>> Regards >>> -------------------------------------- >>> Gerald Drouillard >>> Technology Architect >>> Drouillard & Associates, Inc.http://www.Drouillard.biz >>> >>> >>> _______________________________________________ >>> sipx-users mailing list >>> [email protected] >>> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >>> >> >> >> _______________________________________________ >> sipx-users mailing list >> [email protected] >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > > > > -- > There are 10 kinds of people in this world, those who understand binary and > those who don't. > > [email protected] > blog: http://www.sipxecs.info > call: sip:[email protected] > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
