Xavier Mesquida
2009-Nov-16 12:14 UTC
[asterisk-users] Security Against brute force attack
Has Asterisk any protection against brute force attack for SIP authentication? Something like a maximum login attempt limit Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20091116/81462e37/attachment.htm
fail2ban http://www.voip-info.org/wiki/view/Fail2Ban+%28with+iptables%29+And+Asterisk 2009/11/16 Xavier Mesquida <xavimes at yahoo.com>> Has Asterisk any protection against brute force attack for SIP > authentication? > Something like a maximum login attempt limit > Thanks > > >-------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20091116/325abedf/attachment.htm
Hello Xavier, Unfortunately we are not aware of any Asterisk configuration which will protect against of a brute force attack on SIP. We use BFD - http://www.rfxn.com/projects/brute-force-detection/ . We have found first details here: http://engineertim.com/?cat=15 and we are currently maintaining 4 rules (SIP and IAX) . All of them could be downloaded from here: http://www.modulo.ro/Modulo/downloads/tools/tenora.bfd.tar.gz We have tried to document the installation of BFD on an Asterisk server here: http://www.modulo.ro/Modulo/ro/Articole/Securitate_pentru_servere_Asterisk.html (in Romanian) HTH, Ioan (Nini) Indreias www.modulo.ro On Mon, Nov 16, 2009 at 7:24 PM, TDF <aja101561 at gmail.com> wrote:> fail2ban > > > http://www.voip-info.org/wiki/view/Fail2Ban+%28with+iptables%29+And+Asterisk > > > 2009/11/16 Xavier Mesquida <xavimes at yahoo.com> > > Has Asterisk any protection against brute force attack for SIP >> authentication? >> Something like a maximum login attempt limit >> Thanks >> >> >> > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20091118/103004ce/attachment.htm