[asterisk-users] Decoding SIP register hack
Steve Edwards
asterisk.org at sedwards.com
Thu May 17 16:24:11 CDT 2018
On Thu, 17 May 2018, Daniel Tryba wrote:
> You can do nothing to stop this kind of traffic. The only thing you can
> do is block it, either using only a whitelist (cumbersome) or generate a
> blacklist with for example fail2ban or a more elaborate honeypot setup.
> Or setup a proxy that will filter patterns you discover from
Keep in mind that since this is UDP, source addresses can be spoofed so
any automated solution will need a whitelist so you don't get tricked into
blocking legitimate traffic.
And since you 'need a whitelist' why not just use that and block
everything else?
A clever solution to a mobile user base is to use knockd to allow remote
access.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
https://www.linkedin.com/in/steve-edwards-4244281
More information about the asterisk-users
mailing list