Another approach is sending 200 ok and then exit().
From: Users [mailto:[email protected]] On Behalf Of Schneur Rosenberg Sent: Friday, April 21, 2017 11:00 AM To: OpenSIPS users mailling list <[email protected]> Subject: Re: [OpenSIPS-Users] Ghost calls 1001 User agent variable is stored in $ua do a if and drop() Regarding iptables do something like this https://community.freepbx.org/t/stop-sipvicious-friendly-scanner/28580 On Apr 21, 2017 10:12 AM, "Uzair Hassan" <[email protected] <mailto:[email protected]> > wrote: Is there any documentation I could read to understand the process you just described? On April 20, 2017 11:15:54 PM Schneur Rosenberg <[email protected] <mailto:[email protected]> > wrote: In addition to iptables/fail2ban you should inspect the useragent that the packets come from, most of them will come from sip vicious or friendly scanner etc, you can block them with iptables and/or with drop() in opensips, this will stop the scanner right away because he won't get any replies so he will just move on. On Apr 21, 2017 8:11 AM, "Uzair Hassan" <[email protected] <mailto:[email protected]> > wrote: Is there a way to change opensips port ? Whenever I try it doesn't even start. On April 20, 2017 9:09:55 PM "Alexander Jankowsky" <[email protected] <mailto:[email protected]> > wrote: You might need to do a Wireshark trace and find out if the calls originate externally into the system. If you are in an open DMZ with the router, that could be just the start of your problems. I had Opensips 2.3.0-beta in the open on DMZ with the router for only a few hours and I then had a couple of dozen automated break in attempts trying to access the system. You need to pay a lot of attention to the system logs otherwise you may not even notice. Go over your router very carefully and restrict everything you do not need exposed. Port 5060 is a very popular target with automated robots, use another port if your able to. Alex From: Users [mailto:[email protected] <mailto:[email protected]> ] On Behalf Of Uzair Hassan Sent: Friday, 21 April 2017 6:16 AM To: [email protected] <mailto:[email protected]> Subject: [OpenSIPS-Users] Ghost calls 1001 Hello all, I have setup a opensips 2.3 on a new server and I'm getting ghost calls into my system. How do I stop these ghost call? The opensips server is brand new. the install is clean and nothing has been touched after the initial simple residential script setup. What can I do to defend myself from these ghost calls. Thank you so much. _______________________________________________ Users mailing list [email protected] <mailto:Users%40lists.opensips.org> http://lists.opensips.org/cgi-bin/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] <mailto:[email protected]> http://lists.opensips.org/cgi-bin/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] <mailto:Users%40lists.opensips.org> http://lists.opensips.org/cgi-bin/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] <mailto:[email protected]> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
