[asterisk-bugs] [JIRA] (ASTERISK-20722) Preventing Password attacks

Michael L. Young (JIRA) noreply at issues.asterisk.org
Sat Nov 24 10:37:45 CST 2012


    [ https://issues.asterisk.org/jira/browse/ASTERISK-20722?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=200023#comment-200023 ] 

Michael L. Young commented on ASTERISK-20722:
---------------------------------------------

The purpose of the security event framework is not to make those kinds of decisions.  All it does is report events so that another module or outside module/application can decide whether action is required or not.

Personally, I use a combination of iptables and fail2ban.  I use the recent module (-m recent) in iptables to throttle/limit incoming requests from an IP address.  Then fail2ban determines when to take action and block requests from that IP address based on what Asterisk is logging.

Also, feature requests are no longer submitted to or accepted through the issue tracker. Feature requests are openly discussed on the mailing lists [1] and Asterisk IRC channels and made note of by Bug Marshals.

[1] http://www.asterisk.org/support/mailing-lists
                
> Preventing Password attacks
> ---------------------------
>
>                 Key: ASTERISK-20722
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-20722
>             Project: Asterisk
>          Issue Type: Improvement
>      Security Level: None
>          Components: Channels/chan_sip/Security Framework
>    Affects Versions: 10.8.0
>         Environment: All
>            Reporter: Ron Wheeler
>
> When someone tries to attack a SIP account Asterisk helps them out by responding quickly.
> When an Asterisk system is attacked by applying random passwords, it would be good to be able to slow the attacker down by specifying a high number of milliseconds to respond to a wrong password or username.
> This would at least slow it down and eventually they would go away.
> No one with a valid password would be affected and it should be easy to do.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira


