[asterisk-users] app_hackblock to prevent SIP/IAX reg trolling
Michiel van Baak
michiel at vanbaak.info
Sat Oct 3 02:30:02 CDT 2009
On 14:42, Fri 02 Oct 09, Michelle Dupuis wrote:
> Has anyone written an app that monitors SIP/IAX registration attempts? A
> couple of clients are being flooded with SIP registrations (but the source
> IP changes every few hours so IPtables won't do)..
>
> I would think that any attempt to reg 5 times with a bad password should
> cause a 5 minute timeout until reg is considered again. Has anyone written
> such an app? The name app_hackblock is my contribution to the project :)
Right now, there's no such thing in asterisk.
fail2ban comes to mind to read the logs and automagically create
iptables/pf rules.
There has been a lot of discussion and brainstorming about this type of
things during astricon 2008. Maybe a google search will get you some
slides/ideas.
As far as I know, no code has been written yet.
--
Michiel van Baak
michiel at vanbaak.eu
http://michiel.vanbaak.eu
GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x71C946BD
"Why is it drug addicts and computer aficionados are both called users?"
More information about the asterisk-users
mailing list