Bug#706739: Asterisk do not log source IP for Fake auth rejection
Carlos Alberto Lopez Perez
clopez at igalia.com
Fri Jun 14 16:18:22 UTC 2013
On 04/05/13 05:43, Dominik Strnad wrote:
> Details: When using alwaysauthreject=yes in sip.conf, then source IP of
> attacker is not logged when rejecting INVITES from not registered
> devices trying to authenticate at call beginning (only asterisk server
> IP itself is logged).
>
> Solution: As Diginum will not solve this issue even this problem
> concerns a lot of users, I created small patch solving this it, allowing
> fail2ban correctly handling such brute force attacks.
>
I can confirm this issue.
I'm getting lot of bruteforcing attempts, but fail2ban is not working
because the source IP address it not being displayed on the logs.
Could this patch be applied on current Debian Asterisk for stable?
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20130614/a119f12f/attachment.sig>
More information about the Pkg-voip-maintainers
mailing list