[asterisk-users] asterisk and fail2ban
Sherwood McGowan
sherwood.mcgowan at gmail.com
Tue Mar 29 12:34:04 CDT 2011
On 3/29/2011 12:25 PM, Steve Edwards wrote:
>> On Tue, 29 Mar 2011 12:10:59 -0500, Sherwood McGowan
>
>>> First thing I'd do is restrict the ip blocks your sip endpoints can
>>> register/call from in sip.conf (or your database's table for sip
>>> endpoints)
>
> On Tue, 29 Mar 2011, Gilles wrote:
>
>> Thanks for the idea, but it's not possible, as the Asterisk must be
>> accessible for road warriors and receive SIP calls from anyone.
>
> Really? How many callers are you expecting from North Korea, Libya,
> China, Iran, etc?
>
Thanks Steve, you just emailed exactly what I was going to say...
Remember guys, there's a LOT of IP blocks out there that are almost
definitely not going to be somewhere you expect to receive SIP traffic
from.
Where are you located? Where do your road warriors usually travel? Start
by blocking countries that are not going to be expected to send traffic
98% of the time. When I first started out as a consultant, I helped get
a certain U.S. ITSP up and running, and we reduced fraud and hack
attempts DRASTICALLY simply by blocking most of the countries that are
pretty much known for the prolific numbers of hackers. Sure, we had
like, 2 customers call in to say they had traveled abroad (or sent their
device to a family/friend abroad) and couldn't get their device to
register. But seriously, it was rare.
Either way, just a suggestion
--
Sherwood McGowan <sherwood.mcgowan at gmail.com>
Carrier, ITSP, Call Center, and PBX Solutions Consultant
More information about the asterisk-users
mailing list