[asterisk-users] Can't block intrusion
Greg Troxel
gdt at lexort.com
Wed Apr 1 16:14:24 CDT 2020
D'Arcy Cain <darcy at VybeNetworks.com> writes:
> Here is the first four lines from "pfctl -sr":
>
> pass in quick on bge0 from <FRIENDS> to any flags S/SA keep state
> block drop in log quick on bge0 from <ENEMIES> to any
> block drop in log quick on bge0 from <AUTOBLOCK> to any
> block drop out log quick on bge0 from any to <AUTOBLOCK>
agreed that I can't see it.
>> You say "continues to try", but surely you are not surprised that
>> packets arrive at your computer. I think you are surprised that they
>> make it to asterisk. But your language doesn't quite line up with
>> that. Am I misinterpreting?
>
> Maybe. By "try" I don't mean "try to get through". I mean "try to
> access my switch". They aren't actually breaking in. My passwords are
> strong enough to frustrate them.
Yes, but the fact that the sender is sending packets is no surprise.
The issue is about how those are handled. I think you need to use
tcpdump and turn up firewall debugging.
More information about the asterisk-users
mailing list