[asterisk-users] Asterisk 11 security log, fail2ban, drive-by SIP attacks

Giles Coochey giles at coochey.net
Mon Jul 8 06:46:22 CDT 2013


Just a note that I did a little work to extend FreePBX distro with some 
extra Fail2Ban which deals with some drive-by SIP registration attempts.

My regex is poor to middling, but the steps detailed here: 
http://www.coochey.net/?p=61 manage to stop IPs which try to 
authenticate against Asterisk which FreePBX were not able to stop before.

I would welcome any improvements anyone would care to submit and I'll 
extend the article a little.

The changes need the Asterisk security log feature, which I think was 
only introduced in later versions of Asterisk (e.g. v11).

-- 
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles at coochey.net
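
An added example, not part of the original post and not the regex from the linked article: a Python sketch of the match a fail2ban filter would make against the Asterisk security log, with fail2ban-style `maxretry`/`findtime` counting. The log layout (logger `dateformat` of `%F %T`, the key="value" fields), the choice of failure events, the thresholds and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Events counted as failed authentication (an assumed selection).
FAIL_EVENTS = ("InvalidAccountID", "InvalidPassword", "ChallengeResponseFailed", "FailedACL")

# Anchored at line start because AccountID is supplied by the remote party.
# The named group "host" plays the role of fail2ban's <HOST> tag.
SECURITY_RE = re.compile(
    r'^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\] SECURITY\[\d+\] \S+: '
    r'SecurityEvent="(?P<event>' + "|".join(FAIL_EVENTS) + r')",'
    r'.*,RemoteAddress="IPV[46]/(?:UDP|TCP|TLS)/(?P<host>[^/"]+)/\d+"'
)

def offenders(lines, maxretry=3, findtime=600):
    """Return {host: failures} for hosts with maxretry failures inside findtime seconds."""
    seen = defaultdict(list)
    for line in lines:
        m = SECURITY_RE.match(line)
        if m:
            seen[m["host"]].append(datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"))
    window = timedelta(seconds=findtime)
    hits = {}
    for host, stamps in seen.items():
        stamps.sort()
        # Any run of maxretry consecutive failures that fits in the window triggers a ban.
        if any(stamps[i + maxretry - 1] - stamps[i] <= window
               for i in range(len(stamps) - maxretry + 1)):
            hits[host] = len(stamps)
    return hits

def _line(ts, event, account, ip):
    # Constructed sample line in the assumed security-log layout.
    return (f'[{ts}] SECURITY[2101] res_security_log.c: SecurityEvent="{event}",'
            f'EventTV="0-0",Severity="Error",Service="SIP",EventVersion="1",'
            f'AccountID="{account}",SessionID="0x7f00aa",'
            f'LocalAddress="IPV4/UDP/192.0.2.10/5060",RemoteAddress="IPV4/UDP/{ip}/5071"')

SAMPLE = [
    _line("2013-07-08 06:40:01", "InvalidAccountID", "100", "203.0.113.7"),
    _line("2013-07-08 06:40:02", "InvalidAccountID", "101", "203.0.113.7"),
    _line("2013-07-08 06:40:03", "ChallengeResponseFailed", "102", "203.0.113.7"),
    _line("2013-07-08 06:41:00", "InvalidPassword", "2001", "198.51.100.20"),
    _line("2013-07-08 06:41:05", "SuccessfulAuth", "2001", "198.51.100.20"),
]

if __name__ == "__main__":
    print(offenders(SAMPLE))
```

The single mistyped password from 198.51.100.20 stays below the threshold, while the three failures from 203.0.113.7 inside the window are reported.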

