[asterisk-users] Asterisk brute force watcher (was FYI)
Steve Totaro
stotaro at asteriskhelpdesk.com
Thu Apr 26 05:50:26 MST 2007
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-
> bounces at lists.digium.com] On Behalf Of J. Oquendo
> Sent: Thursday, April 26, 2007 6:47 AM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: [asterisk-users] Asterisk brute force watcher (was FYI)
>
> Steve Totaro wrote:
> > I suspect that this will happen more and more. I also suspect that
many
> > people who have weak SIP credentials like user=100 secret=100 will
be
> > the victim of toll fraud and worse, call to 900 and other very high
> > termination rates. How does $25 per minute sound?
> >
> > Thanks,
> > Steve Totaro
> > http://www.asteriskhelpdesk.com
> > KB3OPB
>
> Ashtray is an Asterisk brute force watcher. Checks logs from cron and
> emails admin of potential brute forcers
> http://www.infiltrated.net/scripts/ashtray
>
> Can have it set in .bash_profile so whenever you log on, you'd see
> anomalies.
>
> --
> ====================================================
> J. Oquendo
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
> echo infiltrated.net|sed 's/^/sil@/g'
>
> "Wise men talk because they have something to say;
> fools, because they have to say something." -- Plato
>
Without looking, can it be configured to blacklist that IP for a given
amount of time? My FTP server has that ability.
Thanks,
Steve Totaro
http://www.asteriskhelpdesk.com
KB3OPB
More information about the asterisk-users
mailing list