[asterisk-users] Attempted SIP connection by foreign host. Help!

Shaun Wingrin voipsw at gmail.com
Tue Aug 24 07:53:24 CDT 2010


Say,

I just picked this up on my messages!

There are a whole host of these requests!
Anyone know whow there people are? Is there a way to report them?
Any suggestions as to how to block them?

[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:16] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password
[Aug 23 10:34:17] NOTICE[1010] chan_sip.c: Registration from '"912" <sip:1 at 41.1.1.1>' failed for '184.106.217.112' - Wrong password

C:\>tracert 184.106.217.112

Tracing route to 184-106-217-112.static.cloud-ips.com [184.106.217.112]
over a maximum of 30 hops:

  1     2 ms     1 ms     1 ms  192.168.10.199
  2     5 ms     3 ms     2 ms  192.168.1.197
  3    11 ms    14 ms     8 ms  196-210-138-1.dynamic.isadsl.co.za [196.210.138.1]
  4    14 ms     9 ms    11 ms  cdsl1-rba-vl2360.ip.isnet.net [196.38.73.133]
  5    10 ms     9 ms     9 ms  cdsl1-rba-vl150.ip.isnet.net [196.38.73.17]
  6    11 ms    10 ms    12 ms  core2b-rba-te2-0-1.ip.isnet.net [168.209.1.182]
  7   183 ms   182 ms   183 ms  mi-za-rba-p6-gi3-0-2-102.ip.isnet.net [168.209.164.13]
  8   179 ms   182 ms   180 ms  mi-uk-dock-p2-po3-0-2.ip.isnet.net [168.209.163.3]
  9   179 ms   178 ms   178 ms  core2a-dock-gi1-0-19-102.ip.isnet.net [168.209.164.56]
 10   180 ms   180 ms   180 ms  168.209.246.1
 11   233 ms   255 ms   233 ms  ge-2-1-0.mpr1.lhr2.uk.above.net [195.66.224.76]
 12   216 ms   214 ms   221 ms  ge-5-1-0.mpr1.lhr2.uk.above.net [64.125.27.149]
 13   276 ms   280 ms   283 ms  so-0-1-0.mpr1.dca2.us.above.net [64.125.27.57]
 14   269 ms   264 ms   260 ms  so-0-1-0.mpr1.lga5.us.above.net [64.125.26.98]
 15   282 ms   291 ms   294 ms  xe-0-3-0.cr1.lga5.us.above.net [64.125.29.49]
 16   323 ms   341 ms   295 ms  xe-0-2-0.cr1.ord2.us.above.net [64.125.27.169]
 17   307 ms   292 ms   293 ms  xe-1-1-0.er1.ord7.above.net [64.125.26.250]
 18   314 ms   308 ms   314 ms  64.124.65.218.allocated.above.net [64.124.65.218]
 19   321 ms   315 ms   438 ms  core1-ed2-edge3.ord1.rackspace.net [173.203.0.109]
 20   310 ms   302 ms   294 ms  core1-aggr301a-2.ord1.rackspace.net [173.203.0.173]
 21   288 ms   296 ms   302 ms  184-106-217-112.static.cloud-ips.com [184.106.217.112]

Trace complete.


Thanks Shaun
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100824/24898655/attachment.htm 


More information about the asterisk-users mailing list