[asterisk-users] Under heavy attack
adamk at 3a.hu
adamk at 3a.hu
Tue Nov 2 09:37:46 CDT 2010
Hi guys,
i've seen this too, nagios woke me up because it was an extremely high
volume of tries.
I took a peek into the logs and saw that the attacker's script was
trying extensions from 1 to 9999 and then random names. I can see the
log in the messages file that several attempts failed because there was
no such extension.
I see no log entries for extensions that actually exist. My passwords
are okay, so i'm not worried, i'm jusy courious, why can't i see a log
message for the matching peer extensions with a 'bad password' (or
similar) message?
thanks
adam
More information about the asterisk-users
mailing list