[asterisk-users] Am I being hacked?
Steve Edwards
asterisk.org at sedwards.com
Mon Aug 19 13:55:54 CDT 2013
On Mon, 19 Aug 2013, Ira wrote:
> >> [2013-08-18 05:56:29] NOTICE[17089][C-000000a8] chan_sip.c:
> >> Failed to authenticate device 390<sip:390 at xx.xx.xxx.xxx>;tag=2762c06e
>
> xx.xx.xxx.xxx is my public I.P.
What kind of filtering are you doing? Iptables?
Rather than playing 'wack-a-mole' with hackers, my first line of defense
is to 'white-list' just the few legitimate connections between my clients
and their SIP providers.
If your situation requires remote and mobile access, can you at least
'black-list' certain countries with a propensity for hacking? Do you need
access from China, North Korea, Iran, etc?
You can eliminate a very large percentage of hacking attempts with just a
few rules. Then you can focus better on the remaining threats.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
More information about the asterisk-users
mailing list