[asterisk-users] Asterisk secure fine tune - stop attack

A J Stiles asterisk_list at earthshod.co.uk
Thu Sep 4 11:22:18 CDT 2014


On Thursday 04 Sep 2014, motty cruz wrote:
> Hi A J,
> believe me, I wish i do as you suggested, however I have a few extensions
> outside the office with dynamic IPs, so that is not a possibility.

If you know what ISPs they are using, then you can allow just those ISPs' 
address ranges.  That will slow things down, by requiring an attacker to be 
using the same ISP as a legitimate user.

> Thanks
> for your suggestions, I will try fail2ban. I don't know how complicated is
> to implement that on production server.

It's fairly easy -- but note that physical access to the server's console is 
highly desirable, lest you accidentally block yourself out from using ssh  
(not a mistake you want to make too many times).  


-- 
AJS

Note:  Originating address only accepts e-mail from list!  If replying off-
list, change address to asterisk1list at earthshod dot co dot uk .



More information about the asterisk-users mailing list