Hi, I was wondering if it is possible to listen for calls from an “unknown source” and then automatically block the associated IP from future attempts?
Thanks
Why bother listening to them in the first place. If you know the valid sources, drop 5060 requests from anything else at the network boundary.
If you don’t know which IP addresses are valid, use fail2ban and the security log. You still need strong passwords, and, if using a SIP ITSP, ensure they are a peer, not a friend.