<p>If I didn&#39;t have fail2ban, I would have way over 20k of these entries in my asterisk log.<br></p>

<p>Zeeshan A Zakaria</p>

<p>--<br>

<a href="http://www.ilovetovoip.com">www.ilovetovoip.com</a></p>

<p><blockquote type="cite">On 2010-06-29 1:36 PM, &quot;Rodrigo Lang&quot; &lt;<a href="mailto:rodrigoferreiralang@gmail.com">rodrigoferreiralang@gmail.com</a>&gt; wrote:<br><br><span><span title="Boa tarde.">Good afternoon.

<br>

<br></span><span title="Obrigado à todos pelas respostas.">Thanks to everyone for 

answers.

</span><span title="O que eu acho estranho é o asterisk não possuir 

alguma ferramenta nativa à ele para segurança do servidor SIP.">What I find strange is 

the asterisk does not have any native tool for him to SIP server 

security.

</span><span title="Segue um exemplo do syslog messages do 

asterisk:">Here&#39;s an example of the 

syslog messages from asterisk:

<br>

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br></span><span style="background-color:rgb(255, 255, 255)" title="[Jun 15 03:05:46] NOTICE[25284] chan_sip.c: Registration from 

&#39;&quot;213&quot; &lt;sip:213@my_extern_ip&gt;&#39; failed for 

&#39;116.124.128.82&#39; - Wrong password">[Jun 15 03:05:46] NOTICE 

[25284] chan_sip.c: Registration from &#39;&quot;213&quot; 

&lt;sip:213@my_extern_ip&gt;&#39; failed for &#39;116 .124.128.82 &#39;- Wrong 

password

<br>

<br>

</span><span style="background-color:rgb(255, 255, 255)" title="Pelo que contei existe em torno de vinte mil registros desse em 

uma hora.">From what I told there is

 around twenty thousand records that at one time. </span><span title="E 

pelo menos uma vez por semana eu recebo um ataque desses vindo de um ip 

diferente.">And at least once a week I

 receive such an attack coming from a different ip.

</span></span><br><br><span><span title="">I will 

read the articles. </span><span title="">Thanks again to everyone.<br><br><br></span><span title="">Regards,<br></span><span title="">Rodrigo Lang.<br><br></span></span><br><div class="gmail_quote">2010/6/29 Kenny Watson <span dir="ltr">&lt;<a href="mailto:kwatson@geniusgroupltd.com" target="_blank">kwatson@geniusgroupltd.com</a>&gt;</span><p>

<font color="#500050"><br>&gt;<br>&gt; Hi, you can use fail2ban <a href="http://www.voip-info.org/wiki/view/Fail2Ban+(with+iptables)+And+Asteri.">http://www.voip-info.org/wiki/view/Fail2Ban+(with+iptables)+And+Asteri.</a>..</font></p>

</div><br>

<br>--<br>

_____________________________________________________________________<br>

-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>

New to Asterisk? Join us for a live introductory webinar every Thurs:<br>

               <a href="http://www.asterisk.org/hello" target="_blank">http://www.asterisk.org/hello</a><br>

<br>

asterisk-users mailing list<br>

To UNSUBSCRIBE or update options visit:<br>

   <a href="http://lists.digium.com/mailman/listinfo/asterisk-users" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a><br></blockquote></p>