[asterisk-dev] External scripts for parsing the security logs
Mohit Dhiman
mohitdhiman736 at gmail.com
Mon Nov 23 23:14:32 CST 2020
Thank you guys, I tried fail2ban and it worked but i'll also try Fred's
recommendation to see which one will be the best for my use case as I will
be deploying the solution to a lot of Asterisk servers.
On Tue, 24 Nov 2020, 3:02 am Fred Posner, <fred at qxork.com> wrote:
> On Mon, 2020-11-23 at 16:22 -0500, Sean Bright wrote:
> > On 11/23/2020 4:09 AM, Mohit Dhiman wrote:
> > > can anyone please recommend any existing external scripts that can
> > > parse the Asterisk security logs and possibly take appropriate
> > > actions like IP blocking.
> >
> > Fail2ban
>
> I wrote one years ago that I still use:
>
>
>
> https://github.com/fredposner/scripts/blob/master/asterisk/check-failed-regs.pl
>
> You'll need to make a chain called "asterisk" in iptables.
>
> Also, we started providing a pro-active block to sip attacks with
> apiban in January. There's a go client that will update iptables as
> well:
>
> https://github.com/palner/apiban
>
> --
> Fred Posner
> fred at qxork.com
> https://qxork.com
> Direct/SMS: +1 (336) 439-3733
>
> Need Fred? Call Fred. 336-HEY-FRED
> Matrix: @fred:matrix.lod.com
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20201124/48390429/attachment.html>
More information about the asterisk-dev
mailing list