[asterisk-users] Using Firewall to protect Asterisk

Andrew Latham lathama at gmail.com
Fri Jul 15 11:59:16 CDT 2011


On Fri, Jul 15, 2011 at 12:47 PM, CDR <venefax at gmail.com> wrote:
> I need to keep out all connections from 5 countries, which originate
> most of the Denial of Service attacks. The entries are
> around 9000 if used as xx.xx.0.0/16. I heard that there is a smarter
> way to do this by using User Tables in iptables, that will keep the
> speed equal to LOG(x). I already tried using a straight list and it
> kills the box. Unless a smarter way is found, there is no way to use
> iptables.
>
> Federico

DROP will remove the vast majority of bad networks.  Fail2ban[2] for
the rest or recent[3] with triggers at port 139 will get the rest.

[1] http://www.spamhaus.org/drop/
[2] http://www.fail2ban.org/wiki/index.php/Main_Page
[3] http://snowman.net/projects/ipt_recent/

-- 
~~~ Andrew "lathama" Latham lathama at gmail.com ~~~
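
An added example, not part of the original thread: one way to lay out the user-defined-chain idea raised in the question. It turns a CIDR list into an `iptables-restore` fragment with one sub-chain per first octet, so a packet is compared against one jump rule per /8 and then only the blocks inside its own /8. The chain names `GEOBLOCK` and `GB_<octet>` and the input format (one CIDR per line, `;` or `#` comments) are assumptions made for this sketch.

```shell
#!/bin/sh
# Hypothetical chain names: GEOBLOCK (top level) and GB_<first octet> (one per /8).
# Input on stdin: one IPv4 CIDR per line; text after ';' or '#' is a comment.
gen_ruleset() {
    awk '
    { sub(/[;#].*/, ""); gsub(/[ \t\r]/, "") }   # drop comments and whitespace
    $0 !~ "^[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+/[0-9]+$" { next }   # not a.b.c.d/len
    {
        split($0, p, "[./]")
        for (i = 1; i <= 4; i++) if (p[i] + 0 > 255) next
        if (p[5] + 0 > 32) next
        oct = p[1] + 0                           # numeric first octet, used as chain key
        cidr = oct "." (p[2] + 0) "." (p[3] + 0) "." (p[4] + 0) "/" (p[5] + 0)
        if (p[5] + 0 < 8) { wide[++nw] = cidr; next }   # wider than a /8: top level
        if (!(oct in rules)) order[++no] = oct
        rules[oct] = rules[oct] "-A GB_" oct " -s " cidr " -j DROP\n"
    }
    END {
        print "*filter"
        print ":GEOBLOCK - [0:0]"
        for (i = 1; i <= no; i++) print ":GB_" order[i] " - [0:0]"
        for (i = 1; i <= nw; i++) print "-A GEOBLOCK -s " wide[i] " -j DROP"
        # One jump per /8: a packet only walks the sub-chain for its own first octet.
        for (i = 1; i <= no; i++)
            print "-A GEOBLOCK -s " order[i] ".0.0.0/8 -j GB_" order[i]
        for (i = 1; i <= no; i++) printf "%s", rules[order[i]]
        print "COMMIT"
    }'
}

# Constructed sample input (private and documentation ranges, not a real blocklist).
printf '%s\n' '10.1.0.0/16 ; sample' '10.2.0.0/16' '198.51.100.0/24' | gen_ruleset
```

The output is meant to be loaded with `iptables-restore --noflush`, with a single rule in `INPUT` jumping to `GEOBLOCK`.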


