Theo Band wrote: > On 09/26/2011 01:02 PM, Jennifer Botten wrote: >> >> I am having an issue with someone accessing our server via a SIP/VOIP >> connection. I have changed my iptables rules to drop all UDP traffic >> from and too this IP address, but this traffic seems to still run >> through my server. These are the iptables rules that I current have on >> the server. >> >> -A INPUT -i eth0 -s 209.61.231.42 -p udp -j DROP >> >> -A INPUT -i eth0 -d 209.61.231.42 -p udp -j DROP >> >> > If your SIP server needs to be accessed from any IP address, consider to > use fail2ban. Easy to setup and it will block access to your SIP server > after so many false attempts. > I started using fail2ban to prevent the logs (Asterisk) from cluttering > failed logons. Let me chime in: *yes* to fail2ban. We use it here at work, and it works, and is very good. Not too hard to configure for basic usage, either, but very extensible. mark