[Spce-user] How do I block this hack attempt?
Roberto Oliveira
roberto.oliveira at tmco.com.br
Tue Aug 16 08:21:54 EDT 2016
Daniel,
In that post, you mentioned that “we are working to include fail2ban in the
next upcoming NGCP version”.
Did you managed to include Fail2ban in the current version of the CE
release?
Thanks
--Roberto
*From:* Spce-user [mailto:spce-user-bounces at lists.sipwise.com] *On Behalf
Of *Daniel Grotti
*Sent:* terça-feira, 16 de agosto de 2016 09:08
*To:* spce-user at lists.sipwise.com
*Subject:* Re: [Spce-user] How do I block this hack attempt?
Hi,
you can have a look at :
https://www.linkedin.com/pulse/securing-your-ngcp-against-sip-attacks-daniel-grotti?trk=mp-reader-card
Quite old, but still valid.
In your case looks like users are trying to authenticate, failing more then
3 times, so they got banned.
I think you may find some answers in the link above.
Cheers,
Daniel
On 08/16/2016 02:04 PM, William Hilsum wrote:
I didn’t get any confirmation yesterday, so, trying to resend…
Hi,
I have just looked at the security banks section and I notice that there
are no banned IPs, but, loads of entries for “random-4-digits at PBX-IP”.
For example, take a look here - http://imgur.com/a/hA9Uz
Can anyone advise on any security best practice I should set up?
Thanks,
William
_______________________________________________
Spce-user mailing list
Spce-user at lists.sipwise.com
https://lists.sipwise.com/listinfo/spce-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160816/5b351138/attachment-0001.html>
More information about the Spce-user
mailing list