[asterisk-users] sip extension compromised, need help blocking brute force attempts

Al lists asteriskal at gmail.com
Fri Jul 18 22:05:09 CDT 2008


If you are trying to reject an IP address to connect to asterisk, there is
no need to run iptables.
Each SIP definition in sip.conf can have:
deny=0.0.0.0/0.0.0.0
permit=192.168.135.1/255.255.255.0

just set these values and it wont accept anything from that IP.


On Mon, Jul 7, 2008 at 7:37 PM, Dovid B <asteriskusers at dovid.net> wrote:

>
> ----- Original Message -----
> From: "spectro" <spectro at gmail.com>
> To: "Asterisk Users Mailing List - Non-Commercial Discussion"
> <asterisk-users at lists.digium.com>
> Sent: Tuesday, July 01, 2008 8:02 PM
> Subject: Re: [asterisk-users] sip extension compromised,need help blocking
> brute force attempts
>
>
> > On Tue, Jul 1, 2008 at 11:19 AM, Tzafrir Cohen <tzafrir.cohen at xorcom.com
> >
> > wrote:
> >>
> >> Fix your logger.conf, then.
> >>
> >> --
> >>               Tzafrir Cohen
> >
> > What am I missing?
> >
> >
> > [root at asterisk1 ~]# cat /etc/asterisk/logger.conf
> > ;
> > ; Logging Configuration
> > ;
> > ; In this file, you configure logging to files or to
> > ; the syslog system.
> > ;
> > ; For each file, specify what to log.
> > ;
> > ; For console logging, you set options at start of
> > ; Asterisk with -v for verbose and -d for debug
> > ; See 'asterisk -h' for more information.
> > ;
> > ; Directory for log files is configures in asterisk.conf
> > ; option astlogdir
> > ;
> > [logfiles]
> > ;
> > ; Format is "filename" and then "levels" of debugging to be included:
> > ;    debug
> > ;    notice
> > ;    warning
> > ;    error
> > ;    verbose
> > ;
> > ; Special filename "console" represents the system console
> > ;
> > ;debug => debug
> > ;console => notice,warning,error
> > ;console => notice,warning,error,debug
> > ;messages => notice,warning,error
> > full => notice,warning,error,debug,verbose
> >
> > ;syslog keyword : This special keyword logs to syslog facility
> > ;
> > ;syslog.local0 => notice,warning,error
> > ;
> > [root at asterisk1 ~]#
> >
> The script seems to run off the messages log. Uncomment the messages line
> and the reload the logger in asterisk (logger reload from the CLI).
>
>
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> AstriCon 2008 - September 22 - 25 Phoenix, Arizona
> Register Now: http://www.astricon.net
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20080718/ad381915/attachment-0001.htm 


More information about the asterisk-users mailing list