Failed To Authenticate Device 100

Home » Asterisk Users » Failed To Authenticate Device 100
Asterisk Users 2 Comments

Hello, I continued to see this errors in the logs:

[2015-12-02 10:05:57] NOTICE[19949]: chan_sip.c:23277
handle_request_invite: Failed to authenticate device
100;tagcdeaf7

how do I guard against this kinds of attacks? Also, to get the IP
address from where this attack come from I use the following command
“tcpdump -lni eth0 -f “udp port 5060” is there an easy way to get the attacker’s IP?

Thanks, Motty

2 thoughts on - Failed To Authenticate Device 100

  • The details of the source IP are available in the asterisk security log (if you have that enabled) – but that particular attack hides its address from the messages file.

    It’s essential that you secure your PBX; there are options ranging from free to commercial. Have a look at:

    http://www.voip-info.org/wiki/view/Asterisk+security

    It’s easy to get a $20,000 phone bill, so take securing your PBX seriously.

    -M-

    From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Motty Sent: Wednesday, December 02, 2015 1:12 PM
    To: Asterisk Users Mailing List – Non-Commercial Discussion; motty.cruz@gmail.com Subject: [asterisk-users] Failed to authenticate device 100

    Hello, I continued to see this errors in the logs:

    [2015-12-02 10:05:57] NOTICE[19949]: chan_sip.c:23277 handle_request_invite: Failed to authenticate device 100 ;tag=10cdeaf7

    how do I guard against this kinds of attacks? Also, to get the IP address from where this attack come from I use the following command “tcpdump -lni eth0 -f “udp port 5060” is there an easy way to get the attacker’s IP?

    Thanks, Motty

  • Thanks M, I have security enable,
    ; output security messages to the file named “Security”
    security => security

    I see the file created in /var/log/asterisk/security but is empty, and in /var/log/asterisk/messages I see the following:
    [2015-12-03 06:52:32] NOTICE[19949] chan_sip.c: Failed to authenticate device 100;tag