In addition to iptables/fail2ban you should inspect the useragent that the packets come from, most of them will come from sip vicious or friendly scanner etc, you can block them with iptables and/or with drop() in opensips, this will stop the scanner right away because he won't get any replies so he will just move on.
On Apr 21, 2017 8:11 AM, "Uzair Hassan" <[email protected]> wrote: > Is there a way to change opensips port ? Whenever I try it doesn't even > start. > > On April 20, 2017 9:09:55 PM "Alexander Jankowsky" < > [email protected]> wrote: > >> >> >> You might need to do a Wireshark trace and find out if the calls >> originate externally into the system. >> >> If you are in an open DMZ with the router, that could be just the start >> of your problems. >> >> I had Opensips 2.3.0-beta in the open on DMZ with the router for only a >> few hours and >> >> I then had a couple of dozen automated break in attempts trying to access >> the system. >> >> You need to pay a lot of attention to the system logs otherwise you may >> not even notice. >> >> Go over your router very carefully and restrict everything you do not >> need exposed. >> >> Port 5060 is a very popular target with automated robots, use another >> port if your able to. >> >> >> >> Alex >> >> >> >> >> >> *From:* Users [mailto:[email protected]] *On Behalf Of *Uzair >> Hassan >> *Sent:* Friday, 21 April 2017 6:16 AM >> *To:* [email protected] >> *Subject:* [OpenSIPS-Users] Ghost calls 1001 >> >> >> >> Hello all, >> >> >> >> I have setup a opensips 2.3 on a new server and I'm getting ghost calls >> into my system. How do I stop these ghost call? The opensips server is >> brand new. the install is clean and nothing has been touched after the >> initial simple residential script setup. What can I do to defend myself >> from these ghost calls. >> >> Thank you so much. >> >> >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
