How do you guys protect your Asterisk against attacks from the internet?
I currently have a setup where the attacks are blocked with fail2ban after some failed login attempts. In the fail2ban setup I had a whitelist; those would be allowed multiple tries with a wrong pw.
Now the problem is, I want to give the customers the ability to create accounts. I have a setup where the customers should not be able to go over some limit in $, but I would like better protection, so that somebody cannot brute-force a customer pw.
If I block an IP after some tries, I might block a customer when he made a typo.
The only thing that I can come up with is that I block the IP after wrong tries and send the customer an email with a link where they can unblock that IP.
I also don't allow a customer to choose the pw for a SIP account; I generate the pw. So there is less chance of brute-forcing the account.
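The block-then-email-an-unblock-link idea from the post, sketched as an added example that is not part of the original post. The class name, thresholds, secret and addresses are all assumptions made for illustration; the token is an HMAC over account, IP and expiry, so a link issued for one account or IP cannot unban another.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # assumption: real deployments load this from a secret store
MAX_RETRY, FIND_TIME, TOKEN_TTL = 5, 600, 3600  # assumed thresholds, in seconds


class LoginGuard:
    """Hypothetical tracker: ban an IP after repeated failures, unban via signed link."""

    def __init__(self, whitelist=()):
        self.whitelist = set(whitelist)
        self.failures = {}  # ip -> timestamps of recent failed logins
        self.banned = set()

    def record_failure(self, ip, account, now=None):
        """Register a failed login; return an unblock token if this failure bans the IP."""
        now = time.time() if now is None else now
        if ip in self.whitelist or ip in self.banned:
            return None
        recent = [t for t in self.failures.get(ip, []) if now - t < FIND_TIME]
        recent.append(now)
        self.failures[ip] = recent
        if len(recent) < MAX_RETRY:
            return None
        self.banned.add(ip)
        return self._token(account, ip, int(now) + TOKEN_TTL)

    def _token(self, account, ip, expires):
        # Assumes generated account names never contain "|".
        msg = f"{account}|{ip}|{expires}".encode()
        return f"{expires}." + hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

    def unblock(self, account, ip, token, now=None):
        """Unban only if the token is unexpired and was signed for this account and IP."""
        now = time.time() if now is None else now
        try:
            expires = int(token.split(".", 1)[0])
        except ValueError:
            return False
        expected = self._token(account, ip, expires)
        if expires < now or not hmac.compare_digest(token.encode(), expected.encode()):
            return False
        self.banned.discard(ip)
        self.failures.pop(ip, None)
        return True
```

The token returned by `record_failure` is what would go into the emailed link, sent to the address on file for the account that was being tried.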