On 04/05/13 05:43, Dominik Strnad wrote: > Details: When using alwaysauthreject=yes in sip.conf, then source IP of > attacker is not logged when rejecting INVITES from not registered > devices trying to authenticate at call beginning (only asterisk server > IP itself is logged). > > Solution: As Diginum will not solve this issue even this problem > concerns a lot of users, I created small patch solving this it, allowing > fail2ban correctly handling such brute force attacks. >
I can confirm this issue. I'm getting lot of bruteforcing attempts, but fail2ban is not working because the source IP address it not being displayed on the logs. Could this patch be applied on current Debian Asterisk for stable? Thanks
signature.asc
Description: OpenPGP digital signature
