There are some good suggestions here as a starting point: http://jcs.org/notaweblog/2010/04/11/properly_stopping_a_sip_flood/
Rgds, mcr On 29 June 2010 15:39, Rodrigo Lang <[email protected]> wrote: > Hello list. > > I'm trying to find a way to block any ip that tries to login more than > three times with the wrong password and try to log in three different > extensions. For I have suffered some brute force attacks on my asterisk in > the morning period. > > The idea would be: Any ip with three attempts without success to log into > an extension is blocked. > > Is there any way to accomplish this directly by the asterisk? Or is there > some kind of asterisk spit this information via the AMI? > > I was wondering to make a Java program to listen to the AMI and create a > rule in iptables for ip in specific. > > Does anyone have any suggestions? > > > Thanks, > Rodrigo Lang. > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
