On Sun, Nov 28, 2010 at 12:24 PM, Steve Edwards
> On Sun, 28 Nov 2010, Silver Thorne wrote:
>> I have noticed lately that there have been several attempts to hack our
>> Asterisk server.
>> So, I am wondering if anyone has a firewall/IP tables statement that
>> keep out unauthorised users?
> 0) Read the list archives, this comes up weekly.
> 1) Determine who (in terms of external IP addresses) should be allowed to
> connect to your server.
> 2) Create a list of iptables commands to allow those IP addresses.
> 3) Deny everybody else.
> 4) Use ‘fail2ban’ or something similar to detect abusive addresses and
> block them, if only for an [hour|day|week] or so.
> Even if you have ‘mobile’ users who ‘need to connect from everywhere’ you
> can probably define ‘everywhere’ a bit better like ‘not from North Korea’
> or ‘not from Africa’ — with suitable apologies to readers from North
> Korea or Africa.
> Thanks in advance,
> Steve Edwards
href=”mailto:email@example.com”>firstname.lastname@example.org Voice: +1-760-468-3867 PST
> Newline Fax: +1-760-731-3000
I agree with Steve, this is the safest way to tackle it. For the road
warriors that demand an extension, I use SNOM 370VPN if they want to
carry around a real phone or openvpn x-lite on their laptops.