[asterisk-users] Find a way to block brute force attacks.
Mark R
mcreardon at gmail.com
Tue Jun 29 09:54:39 CDT 2010
There are some good suggestions here as a starting point:
http://jcs.org/notaweblog/2010/04/11/properly_stopping_a_sip_flood/
Rgds,
mcr
On 29 June 2010 15:39, Rodrigo Lang <rodrigoferreiralang at gmail.com> wrote:
> Hello list.
>
> I'm trying to find a way to block any ip that tries to login more than
> three times with the wrong password and try to log in three different
> extensions. For I have suffered some brute force attacks on my asterisk in
> the morning period.
>
> The idea would be: Any ip with three attempts without success to log into
> an extension is blocked.
>
> Is there any way to accomplish this directly by the asterisk? Or is there
> some kind of asterisk spit this information via the AMI?
>
> I was wondering to make a Java program to listen to the AMI and create a
> rule in iptables for ip in specific.
>
> Does anyone have any suggestions?
>
>
> Thanks,
> Rodrigo Lang.
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100629/23168f32/attachment.htm
More information about the asterisk-users
mailing list