search for: vaxsipuserag

...tect the IP address. I used wireshark to capture the packets. Although I am using very strong password for my SIP users but still is there any way to drop these packets and stop this attack. I tried dropping packet after matching some string (most of the packets from attacker contains string 'VaxSIPUserAgent/3.1' ) but it failed. Packets are still flowing in. iptables -I INPUT 1 -p tcp --dport 5060 -m string --string "VaxSIPUserAgent" --algo bm -j DROP ?Its something like this Registration from '"30" <sp:30 at my_public_ip:5060> failed for '192.168.xxx.xxx:6...