[asterisk-users] Asterisk SIP attacks and sshguard
Joe Greco
jgreco at ns.sol.net
Mon Dec 13 11:32:28 UTC 2010
> On Thu, Dec 09, 2010 at 07:57:37AM -0600, Joe Greco wrote:
> > Specifically looking for examples of (or how to generate)
> >
> > 1) .*No registration for peer '.*' (from <HOST>)
> > 2) .*Host <HOST> failed MD5 authentication for '.*' (.*)
> > 3) .*Failed to authenticate user .*@<HOST>.*
> >
> > If anyone who is more familiar with the attacks or how to generate
> > these messages would give me some assistance, or chime in on the
> > sshguard-users list, that'd be most appreciated.
>
> You could use SIPVicious to run attacks on your own servers:
> http://code.google.com/p/sipvicious/
Those tools don't seem to generate (or I can't figure out how to get
them to generate) any of the above messages; I already have plenty
of the
Registration from 'foo' failed for 'host' - reason
messages that sipvicious seems to generate. I'm not quite sure what
to do to generate examples of the above messages, any suggestions
are appreciated.
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
More information about the asterisk-users
mailing list