[asterisk-users] fail2ban Asterisk 13.13.1

Julie M asterisk_list at earthshod.co.uk
Thu Mar 2 03:22:18 CST 2017

On Thursday 02 Mar 2017, Telium Technical Support wrote:
> If this is a small site, I recommend you download the free version of
> SecAst (www.telium.ca <http://www.telium.ca> ) and replace fail2ban. 
> SecAst does NOT use the log file, or regexes, to match etc.instead it
> talks to Asterisk through the AMI to extract security information. 
> Messing with regexes is a losing battle, and the lag in reading logs can
> allow an attacker 100+ registration attempts before fail2ban even does
> anything (assuming the IP is exposed in the Asterisk log).

I would recommend exactly the opposite.  If you install proprietary, binary-
only software on your system, you have no way to verify its integrity.  This 
is no throwaway portable device, it is the heart of your business's telephone 
system.  Do not go compromising its security by installing software that can't 
be independently verified.  

Ask yourself two questions:  (1)  Would you eat a cake that did not have the 
ingredients listed on the box?  And  (2)  why would the manufacturer *not* 
tell you what ingredients they were using -- unless they suspected that if you 
knew for sure what was actually in the cake, you might not be so inclined to 
eat it after all?


Note:  Originating address only accepts e-mail from list!  If replying off-
list, change address to asterisk1list at earthshod dot co dot uk .

More information about the asterisk-users mailing list