[CentOS] Hacking Issue

Mon Sep 26 17:10:17 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

Theo Band wrote:
> On 09/26/2011 01:02 PM, Jennifer Botten wrote:
>>
>> I am having an issue with someone accessing our server via a SIP/VOIP
>> connection. I have changed my iptables rules to drop all UDP traffic
>> from and to this IP address, but this traffic seems to still run
>> through my server. These are the iptables rules that I currently have on
>> the server.
>>
>> -A INPUT -i eth0 -s 209.61.231.42 -p udp -j DROP
>>
>> -A INPUT -i eth0 -d 209.61.231.42 -p udp -j DROP
>>
>>
> If your SIP server needs to be accessed from any IP address, consider
> using fail2ban. Easy to set up and it will block access to your SIP server
> after so many false attempts.
> I started using fail2ban to prevent the logs (Asterisk) from being
> cluttered with failed logons.

Let me chime in: *yes* to fail2ban. We use it here at work, and it works,
and is very good. Not too hard to configure for basic usage, either, but
very extensible.

         mark
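
The blocking "after so many false attempts" recommended in this thread, sketched as an added example that is not part of the original messages and is not fail2ban's own code: it counts failed SIP registrations per source address inside a time window, the way fail2ban's `maxretry` and `findtime` settings are applied. The log lines, the regular expression and the `find_bans` helper are assumptions constructed for illustration, using documentation addresses.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of Asterisk chan_sip NOTICE messages.
SAMPLE_LOG = """\
[2011-09-26 12:00:01] NOTICE[2101] chan_sip.c: Registration from '"100" <sip:100@192.0.2.10>' failed for '203.0.113.5' - Wrong password
[2011-09-26 12:00:03] NOTICE[2101] chan_sip.c: Registration from '"101" <sip:101@192.0.2.10>' failed for '203.0.113.5' - No matching peer found
[2011-09-26 12:00:04] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@192.0.2.10>' failed for '198.51.100.7:5060' - Wrong password
[2011-09-26 12:00:05] NOTICE[2101] chan_sip.c: Registration from '"102" <sip:102@192.0.2.10>' failed for '203.0.113.5' - Wrong password
[2011-09-26 12:30:00] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@192.0.2.10>' failed for '198.51.100.7:5060' - Wrong password
[2011-09-26 12:30:02] VERBOSE[2101] chan_sip.c: Registered SIP '200' at 198.51.100.7:5060
"""

# Hypothetical pattern for the constructed lines above; the source port is optional.
FAILED = re.compile(
    r"^\[(?P<ts>[\d-]+ [\d:]+)\] NOTICE\[\d+\] chan_sip\.c: Registration from "
    r"'.*' failed for '(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?' - "
)

def find_bans(lines, maxretry=3, findtime=600):
    """Return [(ban_time, ip)] for hosts with maxretry failures within findtime seconds."""
    window = timedelta(seconds=findtime)
    recent = defaultdict(deque)          # ip -> timestamps of recent failures
    banned, bans = set(), []
    for line in lines:
        m = FAILED.match(line)
        if not m or m["ip"] in banned:   # ignore non-failures and already banned hosts
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        hits = recent[m["ip"]]
        hits.append(ts)
        while ts - hits[0] > window:     # drop failures older than findtime
            hits.popleft()
        if len(hits) >= maxretry:
            banned.add(m["ip"])
            bans.append((ts, m["ip"]))
    return bans

if __name__ == "__main__":
    for when, ip in find_bans(SAMPLE_LOG.splitlines()):
        # A real deployment would have the ban action add a firewall rule; this only reports.
        print(f"{when} ban {ip}")
```

With the defaults used here, the client that mistypes a password twice half an hour apart is not banned, while the host cycling through extensions within seconds is.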