[CentOS] Hacking Issue
m.roth at 5-cent.us
m.roth at 5-cent.us
Mon Sep 26 17:10:17 UTC 2011
Theo Band wrote:
> On 09/26/2011 01:02 PM, Jennifer Botten wrote:
>>
>> I am having an issue with someone accessing our server via a SIP/VOIP
>> connection. I have changed my iptables rules to drop all UDP traffic
>> from and too this IP address, but this traffic seems to still run
>> through my server. These are the iptables rules that I current have on
>> the server.
>>
>> -A INPUT -i eth0 -s 209.61.231.42 -p udp -j DROP
>>
>> -A INPUT -i eth0 -d 209.61.231.42 -p udp -j DROP
>>
>>
> If your SIP server needs to be accessed from any IP address, consider to
> use fail2ban. Easy to setup and it will block access to your SIP server
> after so many false attempts.
> I started using fail2ban to prevent the logs (Asterisk) from cluttering
> failed logons.
Let me chime in: *yes* to fail2ban. We use it here at work, and it works,
and is very good. Not too hard to configure for basic usage, either, but
very extensible.
mark
More information about the CentOS
mailing list