[asterisk-users] Blacklist failed attempts

[Antony Stone]

On Thursday 01 March 2018 at 14:02:37, Atux Atux wrote:

> Hi. I would like to protect my system from failed attempts. I would like to
> ask if there is a way to do a blacklist for certain amount of time
> consecutive attempts from the same IP.

fail2ban

> For example if we have an IP that gets a wrong passwd an it had tried more
> than 3 times the last 5 minutes, blacklist it for an hour.

Good plan.

> I have tried to implement it through fail2ban,

What have you tried?  Show us the configuration.

> but it does not seem to work for my asterisk implementation.

Which version of Asterisk are you using and how have you set up fail2ban?

> Is there any other way?

There may be other ways, but fail2ban really is the right tool for this job.


Antony.

-- 
I conclude that there are two ways of constructing a software design: One way 
is to make it so simple that there are _obviously_ no deficiencies, and the 
other way is to make it so complicated that there are no _obvious_ 
deficiencies.

 - C A R Hoare

                                                   Please reply to the list;
                                                         please *don't* CC me.