similar to: "Register Attacks" End of ENUM ?

Hello all you Gurus out there! Please could you explain something to me: Currently I try to get ENUMLOOKUP() working. Naturally I do all the testing with my own number. I registered my number at e164.org I paid for registration of my number at a registration agent for e164.arpa (I know, I don't need both. I just did the .arpa registration first and later discoverd the free .org service....)

Hello everybody! I've got a big problem: In my small business I use a Home-banking software which I got from my bank. Using it for many years now, it became very very important for me. Needless to say, it's a Windows software. Up to now, it was a Win 3.1 software which ran inside the Windows-Box of my ancient OS/2-PC. (The only reason why I still have this PC runnig OS/2). This summer I

Hi everybody! I've setup my dialplan so that if an extension dials *21*, that extension is added/removed as a queue member to a queue. (State toggled). But it would be great to get an "optical feedback" of that phone's state regarding the queue membership. Does someone know if it is possible to light up a LED under this szenario? Many thanks! Norbert

Hello everybody, I've been using asterisk 1.2 for quite a long time now, but I thought it's time to try a newer version of asterisk. So I downloaded 1.8.5, extracted the tar, ran configure, make, make install ... Everything looks fine (no obvious compile/link errors). But as soon as I start asterisk, it dies with a segfault. I executed asterisk within strace and last action before the

Hi Brian, many thanks to you for your answers in the past! The always gave me the little bit of mising information... My Asterisk box is running fine now so I want to try the "next step"... And now to all of you .... What I want to implement is to use 1 button of my snom-360 phone for following purpose: If I leave my desk I press this button. A light should show up as an

Hi everybody, I've got a very strange problem: As far as I remember I didn't change anything on my Asterisk side. I have 2 SIP providers to which I can place outbound calls. Today I noticed that outbound calls to provider "inode" fail (and inbound from this provider too). On the CLI I get every 20 seconds following messages: Nov 9 20:01:07 NOTICE[952]: chan_sip.c:5422

Hi folks! My bank sent me a CD with the new version of it's Homebanking software. This new version uses internet for communication, the old one dialed with the modem direct to the banks computer. Because the old access will be revoked end of this year, it is very very important to switch to the new version. So I put the cd into the drive, mounted /cdrom an started "wine

Hi everybody, i've been googling for quite some time now but can't find an answer to my problem... I'm using Asterisk 1.2.12.1 with mysql as the cdr backend. In the dialplan i've written exten => 1234,n,Set(CDR(userfield)=blah) exten => 1234,n,Answer() exten => 1234,n,Queue(.....) exten => 1234,n,Hangup() When I'm doing a call I can see that the statement is

Hello everybody, I have a problem and already browsed the mailing list archives but didn't find any help. So I ask here.... My new * Box ist up & runnig. Got access to the SIP server of my Internet provider (Userid, password, phone number, ...). And yesterday I tried my first calls to the outside world. (Internal calls work). Now when I call from the SNOM-360 connected to Asterisk to my

Hello people, I've been following the Astrerisk program for some years now and I was wondering wether this is something that our company could supply as a value added service. Typical environment: --------------------------- Incomming Lines ISDN 2 Channel From BT (yes im in the UK) (Do I need some type of ISDN Interface Card?) Extensions 10 Users require (Can I use a computer to answer and

On 1/9/20 2:08 AM, Pete Biggs wrote: >> Has anyone created a fail2ban filter for this type of attack? As of >> right now, I have manually banned a range of IP addresses but would >> like to automate it for the future. >> > As far as I can see fail2ban only deals with hosts and not networks - I > suspect the issue is what is a "network": It may be obvious to

Well, correct me if I'm wrong, but I would say this conversation you have posted is a bit outdated, now fail2ban can be used with asterisk security log https://wiki.asterisk.org/wiki/display/AST/Asterisk+Security+Event+Logger. On Thu, Aug 17, 2017, 4:53 AM Telium Technical Support <support at telium.ca> wrote: > Keep in mind that the attacks you are seeing in the log are ONLY the

Hi has someone a script which can filter out dictionary attacks from /var/log/maillog and notify about the source-IPs? i know about fail2ban and so on, but i would like to have a mail with the IP address for two reasons and avoid fail2ban at all because it does not match in the way we maintain firewalls * add the IP to a distributed "iptables-block.sh" and distribute it to any

Over the weekend one of our servers at a remote location was hammered by an IP originating in mainland China. This attack was only noteworthy in that it attempted to connect to our pop3 service. We have long had an IP throttle on ssh connections to discourage this sort of thing. But I had not considered the possibility that other services were equally at risk. Researching this on the web does

I'm in the process of rolling out new setups with dovecot on CentOS 5.2 and I notice that dovecot doesn't handle the brute-force attacks too nice. I reduced the limit a bit to some reasonable looking value: login_max_processes_count = 32 to stop them earlier and the number of processes stops at that figure when an attack happens. However, it stays at this count for hours although the

I'm looking for a way to deny access to dovecot from certain IP addresses, basically to help prevent brute force attacks on the server. Right now I'm using denyhosts which scans /var/log/secure for authentication failures which then can add an entry to /etc/hosts.deny, but since dovecot doesn't have tcp wrappers support, that doesn't do anything. It doesn't look like I can

Has anyone implemented a script to block IPs which are attacking on POP3 ports using dovecot logs to indicate repetitive failed login attempts? sshblack does this nicely for ssh (port 22) attacks by monitoring the /var/log/secure file. I am considering rewriting this to POP3 port (110), but if it has already been done, I sure don't need the practice. Thanks!

So I have this nice, simple web server up running. Its purpose is to allow me external testing with HIP, and to provide some files for external distribution. Of course, there it is sitting on port 80 and the attacks are coming in per logwatch report. Examples from the report include: Requests with error response codes 404 Not Found //phpMyAdmin-2.5.1/scripts/setup.php: 1

We have several web applications deployed under Apache that require a user id / password authentication. Some of these use htdigest and others use the application itself. Recently we have experienced several brute force attacks against some of these services which have been dealt with for the nonce by changes to iptables. However, I am not convinced that these changes are the answer. Therefore

Hi, I been using dovecot for awhile and its been solid, however I been having some issues with dictionary attacks. I installed fail2ban and for the most part is working fine. However today I got another spammer relaying through my server. Looking at the logs I see the following dictonary attack from 94.242.206.37 Nov 10 03:04:38 pop dovecot: pop3-login: Disconnected: rip=94.242.206.37,