similar to: sshd doing dns queries on localhost?

Hello All, my asterisk server is constantly under attack [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '"4941" <sip:4941 at public_ip>' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '"4941"

Hello friends: I am facing cutoffs randomly when negotiating calls. The PBX dials the destination, the provider (softswitch) receives the request *[1]* and sudenly the PBX hangs up the call* [2]* while the provider is still dialing it, as a consequence the remote peer receives a ghost call. Along the atempt I could see six times a messages regarding NAT isuues *[3]* I hope anyone can give me an

I''d like to convert some simple, general ruby scripts I have into rails apps just for testing purposes. Many of these apps are not DB driven, so the whole CRUD concept does not apply to them... here''s a sample: require ''socket'' server = TCPServer.new(''12345'') while (session = server.accept) Thread.new(session) do |this_session|

I''ve had some issues with my network, and I''ve had to reconfigure my Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so I downloaded the relevant files from the install page. Masq and such works, but I''m having a problem with my port forwarding. It works for port 22, but it doesn''t seem to work for any other port. I''ve turned

Andrew, Just passing the public IP of our samba to samba_dnsupdate is enough to replicate the data correctly? samba_dnsupdate --verbose --all-names --current-ip=PUBLIC_IP On Fri, Sep 25, 2020 at 6:39 AM Andrew Bartlett <abartlet at samba.org> wrote: > On Thu, 2020-09-24 at 14:59 -0300, Elias Pereira via samba wrote: > > Hello, > > > > Has anyone already installed

Hello, what does this message mean ? [Oct 12 14:03:32] DEBUG[9064] chan_sip.c: Trying to put 'SIP/2.0 401' onto UDP socket destined for public_ip:2049 I find this in my debug log file when "core set debug 25". Is something failing, or is this just informative ? Kind regards, Jonas. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi all I am trying to get rid of strings: kernel: Connection attempt to UDP FREEBSD_IP:port from DNSSERVER_IP:53 on my console and in log file I understand that those are replies on DNS queries that for some reason took too long time to be answered. I do not want to turn off the "log in vain" feature. As these strings fill up my log I am afraid to miss some sensitive messages (e.g.

Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due

Am 12.03.2019 um 10:16 schrieb Rowland Penny via samba: > On Tue, 12 Mar 2019 01:47:53 +0100 > Christian via samba <samba at lists.samba.org> wrote: > >> Am 11.03.2019 um 09:24 schrieb Rowland Penny via samba: >>> On Mon, 11 Mar 2019 07:16:30 +0100 >>> Christian via samba <samba at lists.samba.org> wrote: >>> >>>> Dear all,

Hello, I'm having difficulty with registering a SIP account in a Snom 320 IP-phone. This is what sip debug tells me : [Oct 7 13:28:42] VERBOSE[20314] chan_sip.c: [Oct 7 13:28:42] <--- SIP read from UDP:public_ip:58697 ---> REGISTER sip:sip.domain.tld SIP/2.0 Via: SIP/2.0/UDP 192.168.114.200:2048;branch=z9hG4bK-vj1xvbdnp4dw;rport From: <sip:test3 at

My machine got hacked a few days ago through the samba bug. I reinstalled everything cvsuped src-all, and ran chkrootkit. No more LKM but still... Can anyone please advise ? bash-2.05b# chkrootkit | grep INFECTED Checking `chfn'... INFECTED Checking `chsh'... INFECTED Checking `date'... INFECTED Checking `ls'... INFECTED Checking `ps'... INFECTED -- Jay -------------- next

hello, I have turned on sysctls variables: net.inet.tcp.log_in_vain: 1 net.inet.udp.log_in_vain: 1 And i have plenty of strange connection attempts on udp protocol Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Connection attempt to UDP

Issue is what subject says. Here is the background. Version: 11.11.0 Topology: Asterisk Box at our Data Center behind Cisco Firewall. Everything works fine from remote offices over a VPN. Issue is sales team would like to connect up to our Asterisk box remotely (offnet). Common enough solution, I'm guessing. So, I've opened all the correct holes on the firewall and hammered out

I don't think I'm trying to do anything amazing, but IPFW's logging features are giving me a real headache. I can't find much in the archives either, but I find it hard to believe others havne't found this too. My rule: add 100 allow log tcp from any to <my IP> <ports> limit src-addr 2 I want connecting parties to be able to form no more than 2 connection. This

Hi All, i am stuck in NAT issue on ec2 cloud computing from last 2-3 days , may be some of you are doing setup and integration on cloud. below is my setup details which may help you to suggest me solution. Asterisk version : 1.6.2.6 1) Kamailio server having public_ip as well local ip .i am using mediaproxy [also tried rtpproxy] . 2) Asterisk server having public_ip as well local ip. setup:

Hi list, We, an OSS advocacy group, setup a Xen 3.1 machine composed of : . a 64 bits dom0 running Debian stable amd64 . 2 hvm domUs running OpenBSD amd64 . 2 hvm domUs running NetBSD i386 This machine is to be hosted and reachable from the Internet, but it will only have one public IP. Naturally, our first tought was to port-forward using iptables / netfilter. We didn''t really

Just saw this from eWeek. "IBM, which paid roughly $500,000 for the testing, and SuSE (pronounced "SOOS-ah") were announcing the certification jointly. " The article is here: http://www.eweek.com/article2/0,3959,1212529,00.asp --- Darren Reed <avalon@caligula.anu.edu.au> wrote: > In some mail from twig les, sie said: > > > > I actually just asked

Hello, My computer is not connecting to the local network with the following configuration: dmesg.boot contains the following lines: ----------------------------------------- vr0: <VIA VT3043 Rhine I 10/100BaseTX> port 0xec00-0xec7f mem 0xfeafbc00-0xfeafbc7f irq 11 at device 12.0 on pci2 vr0: Ethernet address: 00:40:05:a5:00:04 miibus0: <MII bus> on vr0 amphy0: <Am79C873 10/100

Hi All, I need to configure a VPN between a FreeBSD-4.8 box and a Linux (FreeS/WAN) box. In the Linux side, the network administrator installed FreeS/WAN with RSA authentication without IKE support. Does anybody knows if is possible to make my FreeBSD box connect a VPN with the Linux box? If so, could point me to a documentation about how to install IPSec with RSA authentication and how to make

so i just found that one of my hosts is GENERATING these probe pairs, maybe every minute or two (note the sequence numbers): seq my host victim(s) --- ---------------- --------------- 24) 192.168.0.2:1121 <--> 216.52.3.2:2703 25) 192.168.0.2:1122 <--> 216.52.3.4:2703 39) 192.168.0.2:1124 <-->