[asterisk-users] Intruder
Michael Keuter
lists at mksolutions.info
Sat Nov 17 09:18:07 CST 2012
Am 16.11.2012 um 18:08 schrieb Michael L. Young:
> ----- Original Message -----
>
>> From: "Felix Vazquez" <felix.vazquez at theboshgroup.com>
>> To: asterisk-users at lists.digium.com
>> Sent: Friday, November 16, 2012 11:20:46 AM
>> Subject: [asterisk-users] Intruder
>
>> I am in the asterisk CLI and can see an unidentified caller trying
>> the make calls out of the asterisk system. How do I stop them? How
>> do I identify them and how can I see how the go in?
>
>> This is an example of what I would see:
>
>> NOTICE[4098]: chan_sip.c:20063 handle_request_invite: Call from '' to
>> extension '90111235551212' rejected because extension not found.
>
> I would recommend you read README-SERIOUSLY.bestpractices.txt, top level of source code.
>
> Another thing you can do is turn on security logging if you are using Asterisk 10/11. Take a look at logger.conf. It may provide you with some extra information on who is trying to make the call.
>
> Take a look at this page:
> https://wiki.asterisk.org/wiki/display/AST/Important+Security+Considerations
>
> I would recommend using fail2ban as well.
>
> Michael
> (elguero)
Hi Michael,
the security logging in Asterisk 11 was a nice tip.
I tried it, but unfortunately it doesn't work over syslog for me, only console and file logging.
Do you know if that is on purpose?
In AstLinux we have our own kind of Fail2ban solutions which parses the syslog.
Michael
http://www.mksolutions.info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6060 bytes
Desc: not available
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20121117/1a20b9e7/attachment.bin>
More information about the asterisk-users
mailing list