[asterisk-users] Asterisk secure fine tune - stop attack

Steve Edwards asterisk.org at sedwards.com
Thu Sep 4 11:19:54 CDT 2014

Please don't top post.

On Thu, 4 Sep 2014, motty cruz wrote:

> Hi A J, believe me, I wish i do as you suggested, however I have a few 
> extensions outside the office with dynamic IPs, so that is not a 
> possibility.

Do your few extensions travel to China, Russia, Iran, Iraq, North Korea, 
etc? (Sorry if I stepped on anybody's toes.)

If you configure iptables to drop all and then only allow the few IP 
address ranges you really need, 90% of the problem is solved. Then use 
fail2ban to manage the remaining anklebitters.

Thanks in advance,
Steve Edwards       sedwards at sedwards.com      Voice: +1-760-468-3867 PST
Newline                                              Fax: +1-760-731-3000

More information about the asterisk-users mailing list