Koozali.org: home of the SME Server
Obsolete Releases => SME VoIP (Asterisk, SAIL etc) => Topic started by: fred2k3 on June 26, 2014, 07:02:35 PM
-
Every so often we get hacking attempts on our SAIL 3.1.1-22 PBX (which cause a huge grind) in the form of repeated:
[Jun 26 16:11:31] NOTICE[4426]: chan_sip.c:24331 handle_request_register: Registration from '"6006" <sip:6006@Our PBX IP>' failed for '64.22.107.114:8550' - Wrong password
I know we can drop these using: /sbin/iptables -I INPUT -s '64.22.107.114 -j DROP
..but how can I restrict registration by IP address?
And how did the hackers find out about that extension number?
-
Hi Fred
Install fail2ban and get the asterisk.conf file from sarkpbx.com site. It will stop them after 3 attempts for 24 hrs.
-
Thanks for your reply.
-
Does anybody know how to restrict the IPs that are virtual IPs? when users try to login througth horison wm ware, for example...
-
Does anybody know how to restrict the IPs that are virtual IPs? when users try to login througth horison wm ware, for example...
An IP is an IP, virtual or not. Do you mean a public or private IP ?
IMHO the best option is to not make your server publicly accessible and only allow access from vpn or trusted local connections.
E.g my users on my networks can only connect via router based ipsec in the offices, or with openvpn if off site.
My 10c for a quieter life.....
B. Rgds
John
-
On a serious note I use 3cx on a vm. Id rather use sail but its not directly integrated into sme, how much would be required £ wise to if there is an interest?
-
have you considered https://wiki.contribs.org/FreePBX ?
contrib already integrated, with backup and restore functionality. Recent version of Asterisk supported, and up to date version of Freepbx to handle easily your configuration.