Contribs.org

Please login or register.

Login with username, password and session length

News:

Remember SME Server is currently free to download and use. But it is not free to build. You can help by making a donation of time OR money from the links below.

Pages: [1]   Go Down

Author Topic: Restricting registration IPs  (Read 1021 times)

fred2k3

  • Quite a regular
  • **
  • Offline Offline
  • Posts: 46
Restricting registration IPs
« on: June 26, 2014, 07:02:35 PM »

Every so often we get hacking attempts on our SAIL 3.1.1-22 PBX (which cause a huge grind) in the form of repeated:

[Jun 26 16:11:31] NOTICE[4426]: chan_sip.c:24331 handle_request_register: Registration from '"6006" <sip:6006@Our PBX IP>' failed for '64.22.107.114:8550' - Wrong password

I know we can drop these using: /sbin/iptables -I INPUT -s '64.22.107.114 -j DROP

..but how can I restrict registration by IP address?

And how did the hackers find out about that extension number?
Logged

compsos

  • Platinum Supporter
  • *
  • Offline Offline
  • Posts: 472
Re: Restricting registration IPs
« Reply #1 on: June 29, 2014, 08:52:09 AM »

Hi Fred
Install fail2ban and get the asterisk.conf file from sarkpbx.com site. It will stop them after 3 attempts for 24 hrs.
Logged
Regards

Gordon............

anosh

  • Just popping in
  • Offline Offline
  • Posts: 1
Re: Restricting registration IPs
« Reply #2 on: December 03, 2014, 08:04:16 AM »

Thanks for your reply.
Logged
anosh g

hamarima

  • Just popping in
  • Offline Offline
  • Posts: 1
    • AZ VoIP Termination Services
Re: Restricting registration IPs
« Reply #3 on: February 15, 2017, 03:38:39 PM »

Does anybody know how to restrict the IPs that are virtual IPs? when users try to login througth horison wm ware, for example...
Logged

ReetP

  • Wiki & Docs Team
  • *
  • Offline Offline
  • Posts: 773
Re: Restricting registration IPs
« Reply #4 on: February 16, 2017, 07:44:29 PM »

Does anybody know how to restrict the IPs that are virtual IPs? when users try to login througth horison wm ware, for example...

An IP is an IP, virtual or not. Do you mean a public or private IP ?

IMHO the best option is to not make your server publicly accessible and only allow access from vpn or trusted local connections.

E.g my users on my networks can only connect via router based ipsec in the offices, or with openvpn if off site.

My 10c for a quieter life.....

B. Rgds
John
Logged
...
Bugs are easier than you think :
http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in
http://wiki.contribs.org/Koozali_Foundation
Pages: [1]   Go Up
 

Page created in 0.038 seconds with 24 queries.