[asterisk-users] Asterisk secure fine tune - stop attack
Steve Edwards
asterisk.org at sedwards.com
Thu Sep 4 11:19:54 CDT 2014
Please don't top post.
On Thu, 4 Sep 2014, motty cruz wrote:
> Hi A J, believe me, I wish i do as you suggested, however I have a few
> extensions outside the office with dynamic IPs, so that is not a
> possibility.
Do your few extensions travel to China, Russia, Iran, Iraq, North Korea,
etc? (Sorry if I stepped on anybody's toes.)
If you configure iptables to drop all and then only allow the few IP
address ranges you really need, 90% of the problem is solved. Then use
fail2ban to manage the remaining anklebitters.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
More information about the asterisk-users
mailing list