It could be possible they are not scanning your asterisk server. They are just scanning 5060 and in this case your ATA caught by scan directly that why you don't have any logs on server side. Don't you have any setting in ATA to specify allowed IP address ?
-Satish From: [email protected] To: [email protected] Date: Mon, 28 Feb 2011 10:27:33 -0500 Subject: Re: [asterisk-users] asterisk security....again http://sipera.com/ is one such product. From: [email protected] [mailto:[email protected]] On Behalf Of Rizwan Hisham Sent: Monday, February 28, 2011 9:33 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] asterisk security....again Thanks Mr. Kevin. Can anyone please also tell me which firewall is best suited for asterisk/sip attack prevention. Is there any firewall built specially to address sip security problems?On Mon, Feb 28, 2011 at 6:38 PM, Kevin P. Fleming <[email protected]> wrote:On 02/28/2011 07:27 AM, Rizwan Hisham wrote:Any suggestions on encrypting the sip and rtp. I have done some googling on it. looks like it is not supported by most end point devices or service providers. But still your thoughts will be appreciated on this subject. You cannot protect a remote SIP endpoint from attacks via your server; that SIP endpoint is an endpoint itself, and if it can receive IP packets from attackers, it will process them. These packets don't go through your server, and encrypting the legitimate traffic between your server and the remote endpoint isn't going to make any difference at all. The *only* way to address attacks like this is to modify the configuration of the remote endpoint to ignore all incoming packets that aren't from your server(s). Even that is not a perfect solution, though, because the attacker (if they are actually aware of your server and customers) can spoof the IP addresses of your server(s) in order to get the remote endpoints to at least accept an INVITE (they can't place a successful call through them using spoofing though). -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: [email protected] Check us out at www.digium.com & www.asterisk.org -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Best RagardsRizwan QureshiVoIP/Asterisk EngineerAxvoice Inc.V: +92 (0) 3333 6767 26E: [email protected]: www.axvoice.com -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
