|Summary:||ASTERISK-16245: Bruteforce hack|
|Date Opened:||2010-06-15 21:07:07||Date Closed:||2010-06-16 08:37:41|
|Description:||Lately there are some registration attempts from different IPs to register to my servers. Both on SIP and IAX.|
Is it possible to think of disabling an IP source not to be able to register for a few minutes after some unsuccessful registration attempts?
Since wrong user/pass cannot be handled in firewall, can there be a new feature in Asterisk to do it?
|Comments:||By: Jamuel Starkey (jamuel) 2010-06-15 22:48:17|
Take a look at the fail2ban package if you are dealing with a linux w/ iptables host. YMMV but http://www.voip-info.org/wiki/view/Fail2Ban+%28with+iptables%29+And+Asterisk should get you pretty close.
By: Paul Belanger (pabelanger) 2010-06-16 08:37:41
This is a support request (see below), not a bug.
Thanks for your comments. This does not appear to be a bug report and we are closing it. We appreciate the difficulties you are facing, but it would make more sense to raise your question in the support tracker, http://www.asterisk.org/support