Gerald, I have not used fail2ban before, what I got from the quick search I did, is that it blocks connections from IPs The calls are originating from sip:200@(WAN IP of our Router) If fail2ban has other options, can you please direct me to the information
Thanks, Ken From: [email protected] [mailto:[email protected]] On Behalf Of Gerald Drouillard Sent: Friday, December 30, 2011 3:37 PM To: Discussion list for users of sipXecs software Subject: Re: [sipx-users] Sip Hacking? On 12/30/2011 5:17 PM, Ken Ridley wrote: I found about 30 failed calls in our CDR history from user 200 to 5 different numbers There is no User 200 on our system We have remote users, so there are ports opened on the router to allow them to connect, no VPNs Is this something to be expected? All of the calls failed with a 483 error, is this the sipx way of blocking invalid users, or did I just get luck this time If I'm just lucky what can I do to prevent this? You could probably create a fail2ban rule for this. -- Regards -------------------------------------- Gerald Drouillard Technology Architect Drouillard & Associates, Inc. http://www.Drouillard.biz
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
