On 07/08/2013 00:57, Philip Prindeville wrote:
I missed the original thread, but I see a lot of attempts from the 37.8.0.0 - 37.8.63.255 range of IPs.On Aug 6, 2013, at 2:59 PM, Chris Bagnall <[email protected]> wrote:FWIW, we routinely see dodgy traffic from:ovh.net hetzner.de
I use the Fail2Ban set up in FreePBX, together with this ( http://www.coochey.net/?p=61 ) customisation which effectively firewalls off the IPs that attempt to register.
Given the propensity of connect attempts, however, I am considering just blocking the entire range.
It might just be a small group of people scanning the range from a dynamic IP, and the 972 number might just be a test number they have set up to see if it connects, their actual aim is probably financial (e.g. to call a premium rate number that collects the call charges to a front). It's possible someone might be wanting to set up covert, untrackable communications channels, but unlikely in my opinion.
-- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk [email protected]
smime.p7s
Description: S/MIME Cryptographic Signature
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
