Koozali.org formerly Contribs.org

Restricting registration IPs

Restricting registration IPs
« on: June 26, 2014, 07:02:35 PM »
Every so often we get hacking attempts on our SAIL 3.1.1-22 PBX (which cause a huge grind) in the form of repeated:

[Jun 26 16:11:31] NOTICE[4426]: chan_sip.c:24331 handle_request_register: Registration from '"6006" <sip:6006@Our PBX IP>' failed for '64.22.107.114:8550' - Wrong password

I know we can drop these using: /sbin/iptables -I INPUT -s '64.22.107.114 -j DROP

..but how can I restrict registration by IP address?

And how did the hackers find out about that extension number?

Re: Restricting registration IPs
« Reply #1 on: June 29, 2014, 08:52:09 AM »
Hi Fred
Install fail2ban and get the asterisk.conf file from sarkpbx.com site. It will stop them after 3 attempts for 24 hrs.
Regards

Gordon............

Re: Restricting registration IPs
« Reply #2 on: December 03, 2014, 08:04:16 AM »
Thanks for your reply.
anosh g

Re: Restricting registration IPs
« Reply #3 on: February 15, 2017, 03:38:39 PM »
Does anybody know how to restrict the IPs that are virtual IPs? when users try to login througth horison wm ware, for example...

Offline ReetP

  • *
  • 1,273
Re: Restricting registration IPs
« Reply #4 on: February 16, 2017, 07:44:29 PM »
Does anybody know how to restrict the IPs that are virtual IPs? when users try to login througth horison wm ware, for example...

An IP is an IP, virtual or not. Do you mean a public or private IP ?

IMHO the best option is to not make your server publicly accessible and only allow access from vpn or trusted local connections.

E.g my users on my networks can only connect via router based ipsec in the offices, or with openvpn if off site.

My 10c for a quieter life.....

B. Rgds
John
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Re: Restricting registration IPs
« Reply #5 on: March 29, 2017, 10:09:49 PM »
On a serious note I use 3cx on a vm. Id rather use sail but its not directly integrated into sme, how much would be required £ wise to if there is an interest?
the above may work with a bit of help, down hill with the wind behind it

Offline Jean-Philippe Pialasse

  • *
  • 1,160
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: Restricting registration IPs
« Reply #6 on: March 30, 2017, 09:25:40 PM »
have you considered https://wiki.contribs.org/FreePBX ?
contrib already integrated, with backup and restore functionality. Recent version of Asterisk supported, and up to date version of Freepbx to handle easily your configuration.