[asterisk-users] Firewalling and Asterisk
Silver Thorne
zoraxus at gmail.com
Sun Nov 28 11:03:36 CST 2010
Forgive my ignorance on this as I am still fairly new to Asterisk.
I have noticed lately that there have been several attempts to hack our
Asterisk server. I see multiple attempts to log in with a particular
extension from the same IP address, perhaps hundreds of times per
second. It causes the overhead to spike to ~100%. It is more of a pain
in the ass than anything.
So far what I have been doing is adding a drop of this particular IP
address to my iptables configuration. This makes that particular one
stop and overhead drops back to normal.
What I would like to know is:
1. has anyone else seen this?
2. what is the best way of prevention?
We are awaiting our Cisco firewall, but I can implement a software
solution in the meantime (Shorewall).
So, I am wondering if anyone has a firewall/IP tables statement that
keep out unauthorised users? No one seems to get in as we use really
strong passwords. However, the attempts cause our Asterisk server to
grind almost to a halt. I cannot even connect with a SIP phone when this
happens.
Any words of wisdom for me?
Thanks!
Glen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101128/426c9711/attachment.htm
More information about the asterisk-users
mailing list