<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
If you do a search on the list postings for the past yea,r and even in
the past 2 weeks, you will find much discussion on this topic.<br>
Fail2Ban seems fairly effective <br>
Complex user names and passwords really help<br>
( assuming your hack attempts are with SIP ) sipvicious is most likely
the hackers tool of choice<br>
A couple of entries in your Sip general section will also help<br>
A default context that leads nowhere is advisable<br>
The attempt could only be the first of many to come, from different IP
addresses<br>
<br>
Google is your friend<br>
<br>
John Novack<br>
<br>
<br>
<br>
Silver Thorne wrote:
<blockquote cite="mid:4CF28B68.3080308@gmail.com" type="cite">
<meta http-equiv="content-type"
content="text/html; charset=ISO-8859-1">
Forgive my ignorance on this as I am still fairly new to Asterisk.<br>
<br>
I have noticed lately that there have been several attempts to hack our
Asterisk server. I see multiple attempts to log in with a particular
extension from the same IP address, perhaps hundreds of times per
second. It causes the overhead to spike to ~100%. It is more of a pain
in the ass than anything. <br>
So far what I have been doing is adding a drop of this particular IP
address to my iptables configuration. This makes that particular one
stop and overhead drops back to normal.<br>
What I would like to know is:<br>
<ol>
<li>has anyone else seen this?</li>
<li>what is the best way of prevention?</li>
</ol>
We are awaiting our Cisco firewall, but I can implement a software
solution in the meantime (Shorewall).<br>
<br>
So, I am wondering if anyone has a firewall/IP tables statement that
keep out unauthorised users? No one seems to get in as we use really
strong passwords. However, the attempts cause our Asterisk server to
grind almost to a halt. I cannot even connect with a SIP phone when
this happens.<br>
<br>
Any words of wisdom for me?<br>
<br>
Thanks!<br>
<br>
Glen<br>
<br>
<br>
</blockquote>
<br>
<pre class="moz-signature" cols="10000">--
Dog is my Co-pilot</pre>
</body>
</html>