{Help} - How to block wrongpassword clients?

HI

Advance thanks for the help .

1 . How to block the wrong password attempted source IP Addresses ?
2 . My extension starts from [color=#408000]10001 to 10100[/color] .I need to block all other numbers color=#FF0000[/color] to reach my server .

I am using ubuntu linux is the base of my asterisk …

Thanks
K~

There is insufficient information, however, I suspect you are talking about allowguest in sip.conf.

Of course, you may not even be using SIP.

Thanks for the reply

i am using sip only .

yes , i need allow only selected guests to make calls .Already we configured only registered extension make calls .

can i ask like this

How to allow only selected country IPAddress to reach my server .

Need to allow : USA,INDIA

all other countries i need to block on my asterisk …

With your firewall.

Note that, at best, IP addresses will generally reflect the country of the ISP, not the the true country of origin, and you will have a continuing job of monitoring IP address allocations, although that might be a service you could buy.

I am not sure that the Linux firewall could cope well with the number of rules required to do this.

you probably want to use fail2ban or ossec

I have posted some time ago a howto on a French forum
dialnode.com/asterisk-france … hp?p=51548
Be sure all sip scan are auto blacklisted but take care your side to make good conf in your gw or ip phones
because you will be blacklisted and not able to connect server :wink:

cool guys

teamforrest.com/blog/171/ast … und-block/

Here is solution i found .Testing is going on .

Thanks all

This script tries to reinvent the wheel… fail2ban does the same, but more effectively - it monitors the log through gamin, much more resource effective, and much quicker, and detects more cases. Specifically, going through cron evry 2 minutes (or even one) is a big security hole - With a 2 mbs link, you can receive ca ONE THOUSAND requests in ONE SECOND.

And finally, fail2ban can be used to block other attacks on your server (ssh, apache, etc…)

No chances you make me use such a dangerous piece of code

implemented fail2ban

Thanks mate