Koozali.org: home of the SME Server
Obsolete Releases => SME VoIP (Asterisk, SAIL etc) => Topic started by: fred2k3 on May 27, 2016, 11:44:48 AM
-
Hi, I keep seeing these sorts of things from the Asterisk CLI:
[May 27 10:26:46] NOTICE[4367]: chan_sip.c:22081 handle_request_invite: Call from '' (89.163.148.39:5084) to extension '900972598333332' rejected because extension not found in context 'mainmenu'.
Excuse my ignorance, but what is actually happening here? To me it looks like the ext IP/port 89.163.148.39:5084 is trying to call 900972598333332... but perhaps I'm wrong? I thought this may be a scam where the owner of 900972598333332 gets $$ when the number is called.
I usually do the following to block the IP: /sbin/iptables -I INPUT -s 89.163.148.39 -j DROP but I could do with understanding things better, and implementing a more permanent solution.
Any help or advise would be appreciated.
-
either this, or somebody trying to call overseas for free.
It even seems they try to reach God for free :D
+972 is for Israel , mobile - Jawall (59)
luckilly you do not have a dial route for 9 00 972 ... otherwise you would have paid the bill.
I suggest you close simply asterisk port from the outside of your local network.
-
I'm not an asterisk expert, but I strongly suggest you to install fail2ban contrib and not to play with iptables from CLI
that said, after a fast search with google, I agree with your analysis.. IMO, just ignore it and protect your install with fail2ban
-
It also seems that guest SIP guests are allowed in your config. Please correct that to set to no.
-
Thank you RequestedDeletion for your suggestion ;-)
-
Thanks for all the responses and suggestions, I will definitely look into fail2ban.
RequestedDeletion - yes that sounds like a good idea.. but where do I set that? Spent 15 mins and can't find it! I'm using SAIL 3.1.1-22
-
RequestedDeletion - yes that sounds like a good idea.. but where do I set that? Spent 15 mins and can't find it! I'm using SAIL 3.1.1-22
I left Sail a long time ago. Maybe you want to take a look at Asterisk+FreePBX contrib, there is much more support for that here on contribs.org. See the wiki and the latest version announced on the bugtracker last week.
-
Another suggestion.
Only allow vpn connections from remotes.
I use ipsec for routers (or say SME in gateway mode) - asterisk to connect my networks together, and openvpn for connections from mobiles etc.
All general public access is closed. I find that tends to keep most of the baddies out :-)
B. Rgds
John
-
You might find this useful?
http://www.sailpbx.com/mediawiki/index.php/VOIP_security_-_READ_THIS! (http://www.sailpbx.com/mediawiki/index.php/VOIP_security_-_READ_THIS!)
Regards Paul
-
You might find this useful?
http://www.sailpbx.com/mediawiki/index.php/VOIP_security_-_READ_THIS! (http://www.sailpbx.com/mediawiki/index.php/VOIP_security_-_READ_THIS!)
Regards Paul
Just modified the link in your post as it forgot the !
Yes, as I said above, wherever possible block ALL direct outside access to Asterisk and only allow VPN connections. Makes life a lot simpler.