[asterisk-security] Person Trying to Register on my Asterisk multiple times
Christopher Gray
chris at bayareadigital.us
Fri Jan 23 15:36:23 CST 2009
Hello:
Beginning on January 6, it appears that somebody has been trying to hack into
my Asterisk. They have tried on the 7th, 9th, and the 20th. The messages file
in /var/log/Asterisk shows entries like this:
[Jan 20 13:39:40] NOTICE[5130] chan_sip.c: Registration from
'"1072963462"<sip:1072963462 at 198.144.206.28>' failed for '212.174.78.60' - No matching peer found
[Jan 20 13:39:41] NOTICE[5130] chan_sip.c: Registration from
'"100"<sip:100 at 198.144.206.28>' failed for '212.174.78.60' - No matching peer found
[Jan 20 13:39:41] NOTICE[5130] chan_sip.c: Registration from
'"101"<sip:101 at 198.144.206.28>' failed for '212.174.78.60' - No matching peer found
[Jan 20 13:39:41] NOTICE[5130] chan_sip.c: Registration from
'"102"<sip:102 at 198.144.206.28>' failed for '212.174.78.60' - No matching peer found
[Jan 20 13:39:41] NOTICE[5130] chan_sip.c: Registration from
'"103"<sip:103 at 198.144.206.28>' failed for '212.174.78.60' - No matching peer found
The sip:101 sip:102 and so on goes up until sip:9975. This began at 13:39:40
and ended at 13:42:51. Entries began at line 970 of the log file and ended at
8016 for a total of 7,041 occurrences.
How worried should I be about this and what should I do to stop further
attempts?
Thanks for any advice.
Chris
More information about the asterisk-security
mailing list