[asterisk-users] asterisk and fail2ban

JR Richardson jmr.richardson at gmail.com
Thu Mar 31 10:42:52 CDT 2011


> From: vip killa
> Sent: Thu 3/31/2011 8:17 AM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: Re: [asterisk-users] asterisk and fail2ban
>
>
> Back to the original question, for those of you using Fail2Ban,
> Does it take an unusually high amount of break-in attempts before attackers are banned?
> I have it set to 5 attempts in fail2ban but usually, the attacker is able to make over 100 attempts before fail2ban bans them.
> I've tried this using asterisk's /var/log/asterisk/messages and /var/log/messages with same results.
> Perhaps someone else is experiencing this or has resolved it, thank you.
>
I have F2B set to ban after 1 attempt.  The most I have seen in the
logs is 4-5 attemps before ban is applied.  I am calling scripts that
apply the ban to a cisco access-list, so there is script/telnet/config
delay but it is very minimal and works very well.

JR
-- 
JR Richardson
Engineering for the Masses



More information about the asterisk-users mailing list