[asterisk-users] Failed to authenticate device 100

Telium Technical Support support at telium.ca
Wed Dec 2 15:53:18 CST 2015

The details of the source IP are available in the asterisk security log (if you have that enabled) – but that particular attack hides its address from the messages file.


It’s essential that you secure your PBX; there are options ranging from free to commercial.  Have a look at:




It’s easy to get a $20,000 phone bill, so take securing your PBX seriously.





From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Motty
Sent: Wednesday, December 02, 2015 1:12 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion; motty.cruz at gmail.com
Subject: [asterisk-users] Failed to authenticate device 100


Hello, I continued to see this errors in the logs: 

[2015-12-02 10:05:57] NOTICE[19949]: chan_sip.c:23277 handle_request_invite: Failed to authenticate device 100 <mailto:sip:100 at xx.xx.xx.xx> <sip:100 at xx.xx.xx.xx>;tag=10cdeaf7

how do I guard against this kinds of attacks? Also, to get the IP address from where this attack come from I use the following command "tcpdump -lni eth0 -f "udp port 5060" is there an easy way to get the attacker's IP? 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151202/79e0f4ab/attachment.html>

More information about the asterisk-users mailing list